#7 Beware... Hacker Exploit

open
nobody
None
5
2006-06-12
2006-06-12
CharlieM
No

I just missed a bullet from an includes flaw in
/inc/function.php
of bookmark4u.

Looking thru google as to why someone would try doing an
include using bookmark4u, I found a reference to a hacker
exploit involving a remote includes using the above php
code.

Their bots missed me by one-level directory, and have moved
the app from mainstream use until I examine it later.

So.... heads up everyone.

Discussion