Sphider <= 1.3 (configset.php) Arbitrary Remote Inclusion Exploit

No description provided by source. !/usr/bin/perl use IO::Socket; print \r\nSphider = 1.3 arbitrary remote inclusion\r\n ; print - works with registerglobals = On & allowurlfopen = On\r\n; print by rgod rgodATautisticiDOTorg\r\n; print site: http://retrogod.altervista.org\r\n; print \r\ndork:...

Sphider configset.php settings_dir Parameter Remote File Inclusion

The remote host is running Sphider, an open source web spider and search engine written in PHP. The version of Sphider installed on the remote host fails to sanitize user-supplied input to the 'settingsdir' parameter of the 'admin/configset.php' script before using it in a PHP 'include' function...

Remote file inclusion

PHP remote file inclusion vulnerability in admin/configset.php in Sphider 1.3 and earlier, when registerglobals is disabled, allows remote attackers to execute arbitrary PHP code via a URL in the settingsdir parameter...

CVE-2006-1784

CVE-2006-1784 affects Sphider up to version 1.3. The issue is a PHP remote file inclusion in admin/configset.php via the settings_dir parameter, allowing arbitrary PHP code execution under specific PHP configurations (notably related to register_globals). The problem is triggered when user input ...