PEEL 1.0 b Remote File Include Vulnerability

ID EDB-ID:22114
Type exploitdb
Reporter frog
Modified 2002-12-31T00:00:00


PEEL 1.0 b Remote File Include Vulnerability. CVE-2002-2134. Webapps exploit for php platform


PEEL is prone to an issue which may allow remote attackers to include arbitrary files located on remote servers.

An attacker may exploit this by supplying a path to a maliciously created file, located on an attacker-controlled host as a value for some parameters.

If the remote file is a PHP script, this may allow for execution of attacker-supplied PHP code with the privileges of the webserver. Successful exploitation may provide local access to the attacker. 

with :