arfis

automated Remote File Inclusion search

RFI (0.2): eArk September 13, 2007

Filed under: RFI — arfis @ 10:30 pm

Project Name: eArk
Project Link: http://sourceforge.net/projects/e-ark/
Project DL: http://surfnet.dl.sourceforge.net/sourceforge/e-ark/e-ark-1.0.zip
RFI Info:
File: tmp/e-ark-1.0/e-ark-1.0/src/vcard_inc.php
Line: 17
Vuln Code: require_once( $cfg_vcard_path . ‘class.vCard.inc.php’ );

File: tmp/e-ark-1.0/e-ark-1.0/src/ark_inc.php
Line: 17
Vuln Code: require_once( $cfg_pear_path . ‘PEAR.php’ );

File: tmp/e-ark-1.0/e-ark-1.0/src/email_inc.php
Line: 17
Vuln Code: require_once( $cfg_phpmailer_path . ‘class.phpmailer.php’ );

(found with version 0.2 – 763 projects processed so far)