arfis

automated Remote File Inclusion search

RFI (0.2): der-dirigent September 14, 2007

Filed under: RFI — arfis @ 5:38 am

Project Name: der-dirigent
Project Link: http://sourceforge.net/projects/der-dirigent/
Project DL: http://surfnet.dl.sourceforge.net/sourceforge/der-dirigent/der_dirigent_v1.0.zip
RFI Info:
File: tmp/der_dirigent_v1.0/backend/inc/inc.generate_code.php
Line: 7
Vuln Code: include($dedi_path.’inc/fnc.type.php’);

File: tmp/der_dirigent_v1.0/projekt01/cms/inc/frontend.php
Line: 159
Vuln Code: include( $dedi_path . ‘inc/inc.generate_code.php’ );

File: tmp/der_dirigent_v1.0/projekt01/cms/inc/backend.php
Line: 5
Vuln Code: include($dedi_path.’inc/fnc.generate_code.php’);

File: tmp/der_dirigent_v1.0/backend/inc/fnc.type_forms.php
Line: 7
Vuln Code: include_once($dedi_path.’inc/fnc.type_common.php’);

File: tmp/der_dirigent_v1.0/backend/inc/fnc.type.php
Line: 24
Vuln Code: include_once($dedi_path.’inc/fnc.type_common.php’);

File: tmp/der_dirigent_v1.0/backend/inc/class.filemanager.php
Line: 81
Vuln Code: require_once ($this_dir.’inc/class.fileaccess.php’);

(found with version 0.2 – 3572 projects processed so far)