SAXON archive-display.php template Variable Remote File Inclusion

2007-05-20T00:00:00
ID OSVDB:38355
Type osvdb
Reporter OSVDB
Modified 2007-05-20T00:00:00

Description

Manual Testing Notes

[target]/[path]/archive-display.php?template=[Shell-Script]

References:

Related OSVDB ID: 38354 Related OSVDB ID: 38353 Other Advisory URL: http://securityreason.com/securityalert/2734 Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-05/0306.html Keyword: Simple Accessible XHTML Online News ISS X-Force ID: 34429 CVE-2007-2861