Gizzar index.php basePath Variable Remote File Inclusion

2006-12-09T18:52:10
ID OSVDB:35404
Type osvdb
Reporter OSVDB
Modified 2006-12-09T18:52:10

Description

Manual Testing Notes

http://[target]/[path]/index.php?basePath=Shell

References:

Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-04/0278.html ISS X-Force ID: 30832 Generic Exploit URL: http://milw0rm.com/exploits/2905 FrSIRT Advisory: ADV-2006-4929 CVE-2006-6526 Bugtraq ID: 21524