4images Forum & Community
4images Issues / Ausgaben => Discussion & Troubleshooting => Topic started by: ReMoN on September 17, 2010, 06:57:22 PM
-
i found this warning in Arabic website
-----------------------------------------------------
Exploit Title: [4image 1.7.8 Remote File Include ]
Tested on: [Windows XP]
Version: [v 1.7.8 ]
Exploit: http://target/4images1.7.8/4images/global.php?db_servertype=[SHeLL]
-----------------------------------------------------
my PHP experience is not that good to search and fix Bugs and the Arabic forum here have no support
my question : is there is really Bug in global.php or it had been fixed ?
-
Can you post the site you found this from?
But what you showed doesn't look like any problems, because global.php cannot be executed directly as in your example.
-
English Website
http://www.exploit-db.com/exploits/14712/
Arabic Website
http://forum.orbitdesign.net/showthread.php?t=8266
-
is this right , please ?
-
First of all, welcome to 4images forum.
Secondly, please be patient and read forum rules (that is about your PM and unnecessary reporting topic)
As of your question, personally I don't see any problems in global.php or anything related to the exploit posted. However I may lack of knowledge to actually confirm this...don't take my word for it just yet. This being investigated.
-
thank you admin for your reply
i wait your reply after investigated
best wishes
-
That's a fake.
global.php can't be accessed directly. Give it a try:
]http://demo.4homepages.de/global.php?db_servertype=[SHeLL] (http://demo.4homepages.de/global.php?db_servertype=[SHeLL)
-
thanks kai
i pleased to heared that
i hope if appear any thing about that , Let us know
Thank you again :D