technote 7.2 - Remote File Inclusion Vulnerability

TECHNOTE 7.2 08.09.25 Remote File Inclusion Vulnerability bY [email protected] / TECHNOTE VERSION 7.2 08.09.25is bulletin board system of Korea. It is freely available for all platforms that supports PHP and MySQL. But I find Remote File Inclusion vulnerability. Here is the details: / TEST ON...

CVE-2009-0441

PHP remote file inclusion vulnerability in skinshop/standard/2viewbody/bodydefault.php in TECHNOTE 7.2, when registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the shopthisskinpath parameter, a different vector than CVE-2008-4138...