Exploit Database - Logo

Prototype of an PHP Application 0.1 - 'common.inc.php?path_inc' Remote File Inclusion

EDB-ID: 30129 Author: pito pito Published: 2007-06-01
CVE: CVE-2007-3217 Type: Webapps Platform: PHP
Aliases: N/A Advisory/Source: Link Tags: N/A
E-DB Verified: Verified Exploit: Download Exploit Code Download / View Raw Vulnerable App: Download Vulnerable Application
« Previous Exploit Next Exploit » 
source: http://www.securityfocus.com/bid/24266/info
          
'Prototype of an PHP application' is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input to the application.
          
An attacker may leverage these issues to execute an arbitrary remote file containing malicious script code in the context of the webserver process. This may allow the attacker to compromise the application and the underlying system. Other attacks are also possible.
          
This issue affects 'Prototype of an PHP application' 0.1. 

http://example.com/script/common.inc.php?path_inc=[shell]
« Previous Exploit Next Exploit »

Related Exploits

Trying to match CVEs (1): CVE-2007-3217
Trying to match OSVDBs (1): 37161
Trying to match setup file: d830c084a440793416ee566419a67554
Other Possible E-DB Search Terms: Prototype of an PHP Application 0.1,  Prototype of an PHP Application
Date D V Title Author
2007-06-01 Verified Prototype of an PHP Application 0.1 - '/gestion/index.php?path_inc' Remote File Inclusionpito pito
2007-06-01 Verified Prototype of an PHP Application 0.1 - '/ident/disconnect.php?path_inc' Remote File Inclusionpito pito
2007-06-01 Verified Prototype of an PHP Application 0.1 - '/ident/ident.inc.php?path_inc' Remote File Inclusionpito pito
2007-06-01 Verified Prototype of an PHP Application 0.1 - '/ident/identification.php?path_inc' Remote File Inclusionpito pito
2007-06-01 Verified Prototype of an PHP Application 0.1 - '/ident/index.php?path_inc' Remote File Inclusionpito pito
2007-06-01 Verified Prototype of an PHP Application 0.1 - '/ident/loginliste.php?path_inc' Remote File Inclusionpito pito
2007-06-01 Verified Prototype of an PHP Application 0.1 - '/ident/loginmodif.php?path_inc' Remote File Inclusionpito pito
2007-06-01 Verified Prototype of an PHP Application 0.1 - '/menu/menuprincipal.php?path_inc' Remote File Inclusionpito pito
2007-06-01 Verified Prototype of an PHP Application 0.1 - '/plugins/PHPgacl/index.php?path_inc' Remote File Inclusionpito pito
2007-06-01 Verified Prototype of an PHP Application 0.1 - 'index.php?path_inc' Remote File Inclusionpito pito
2007-06-01 Verified Prototype of an PHP Application 0.1 - 'param.inc.php?path_inc' Remote File Inclusionpito pito
Menu