gnuedu web/lom.php ETCDIR Variable Remote File Inclusion

2007-05-08T00:00:00
ID OSVDB:38256
Type osvdb
Reporter OSVDB
Modified 2007-05-08T00:00:00

Description

Manual Testing Notes

[Path]/web/lom.php?ETCDIR=Shell

References:

Related OSVDB ID: 38248 Related OSVDB ID: 38252 Related OSVDB ID: 38249 Related OSVDB ID: 38250 Related OSVDB ID: 38251 Related OSVDB ID: 38253 Related OSVDB ID: 38254 Related OSVDB ID: 38255 ISS X-Force ID: 34174 Generic Exploit URL: http://www.milw0rm.com/exploits/3876 FrSIRT Advisory: ADV-2007-1736 CVE-2007-2609 Bugtraq ID: 23883