VisoHotlink "mosConfig_absolute_path"远程文件包含漏洞

VisoHotlink是一款基于PHP的WEB应用程序。 VisoHotlink不正确过滤用户提交的输入，远程攻击者可以利用漏洞以WEB权限执行任意命令。 问题是'includes/functions.visohotlink.php'脚本对用户提交的'"mosConfigabsolutepath"'参数缺少过滤，指定远程服务器上的文件作为包含参数，可导致以WEB权限执行任意命令。 VisoHotlink 1.x 目前没有解决方案提供： http://www.easy-script.com/compt.php?id=3312 !/usr/bin/perl VisoHotlink 1.0...

CVE-2007-0489

PHP remote file inclusion vulnerability in includes/functions.visohotlink.php in VisoHotlink 1.01 and possibly earlier allows remote attackers to execute arbitrary PHP code via a URL in the mosConfigabsolutepath parameter...

CVE-2007-0489

CVE-2007-0489 corresponds to a PHP remote file inclusion vulnerability in VisoHotlink 1.01 (and possibly older) affecting the includes/functions.visohotlink.php file. The underling issue is that the mosConfig_absolute_path parameter can be supplied via a URL to remotely execute arbitrary PHP code...

CVE-2007-0489

PHP remote file inclusion vulnerability in includes/functions.visohotlink.php in VisoHotlink 1.01 and possibly earlier allows remote attackers to execute arbitrary PHP code via a URL in the mosConfigabsolutepath parameter...

EUVD-2007-0487

PHP remote file inclusion vulnerability in includes/functions.visohotlink.php in VisoHotlink 1.01 and possibly earlier allows remote attackers to execute arbitrary PHP code via a URL in the mosConfigabsolutepath parameter...

VisoHotlink 1.01 functions.visohotlink.php Remote File Include Exploit

No description provided by source. !/usr/bin/perl VisoHotlink 1.0 Remote File Include Exploit Download: http://www.easy-script.com/compt.php?id=3312 Vulnerable Code: requireonce $mosConfigabsolutepath . '/includes/mosGetParam.php' ; Coded by bd0rk || SOH-Crew Usage: exploit.pl target cmd shell...

VisoHotlink 1.01 - functions.visohotlink.php Remote File Inclusion

VisoHotlink 1.01 - functions.visohotlink.php Remote File Inclusion !/usr/bin/perl VisoHotlink 1.0 Remote File Include Exploit Download: http://www.easy-script.com/compt.php?id=3312 Vulnerable Code: requireonce $mosConfigabsolutepath . '/includes/mosGetParam.php' ; Coded by bd0rk || SOH-Crew Usage...

VisoHotlink 1.01 functions.visohotlink.php Remote File Include Exploit

Exploit for unknown platform in category web applications ====================================================================== VisoHotlink 1.01 functions.visohotlink.php Remote File Include Exploit ====================================================================== !/usr/bin/perl VisoHotlink...

VisoHotlink 1.01 - 'functions.visohotlink.php' Remote File Inclusion

!/usr/bin/perl VisoHotlink 1.0 Remote File Include Exploit Download: http://www.easy-script.com/compt.php?id=3312 Vulnerable Code: requireonce $mosConfigabsolutepath . '/includes/mosGetParam.php' ; Coded by bd0rk || SOH-Crew Usage: exploit.pl target cmd shell shell variable Greetings: str0ke,...