Vulnerability In Jack's Formmail Script

[MikeJ]

An advisory has been released regarding Jack's FormMail script v5.0.

 

Jack's FormMail script is not a TCH supported or supplied script, but I know many users use it. The above vulnerability can allow a remote user to gain access to read files normally not viewable through your website (such as your .htaccess file, or other private files). The following fix is recommended for users of Jack's FormMail script until a new version is released that fixes this problem:

Remove the following code from the FormMail.php script.

------------------------------------------------------

if (file_exists($ar_file)) {

  $fd = fopen($ar_file, "rb");

  $ar_message = fread($fd, filesize($ar_file));

  fclose($fd);

  mail_it($ar_message, ($ar_subject)?stripslashes($ar_subject):"RE: Form Submission", ($ar_from)?$ar_from:$recipient, $email);

}

------------------------------------------------------

[TCH-Thomas]

Just out of curiousity, this isn´t the same script as the Ultimate Form Mail Script, correct?

[TCH-Bruce]

I don't believe so Thomas

[MikeJ]

Just out of curiousity, this isn´t the same script as the Ultimate Form Mail Script, correct?

<{POST_SNAPBACK}>

 

No. Ultimate Form Mail script is a completely different script and does not have this vulnerability.

[TCH-Thomas]

Thanks Mike J.

I just wanted to make sure since the guy who does Ultimate Form Mail is named Jack too (if Im not wrong) and that script is very popular here as I understand.

[MikeJ]

I can understand the confusion. The vulnerable script is actually called "Jack's FormMail".

[surefire]

TCH-MikeJ is absolutely correct. I'm the good Jack. Different dude. Thanks for being so on top of things.