PHP DB Designer wind/about.php _SESSION[SITE_PATH] Variable Remote File Inclusion

2007-03-16T00:00:00
ID OSVDB:37211
Type osvdb
Reporter OSVDB
Modified 2007-03-16T00:00:00

Description

Manual Testing Notes

[Path]/wind/about.php?_SESSION[DRIVER]=Shell

References:

Related OSVDB ID: 37212 Related OSVDB ID: 37210 ISS X-Force ID: 33033 Generic Exploit URL: http://www.milw0rm.com/exploits/3501 FrSIRT Advisory: ADV-2007-1007 CVE-2007-1620