Php Blue Dragon Multiple Input Validation Vulnerabilities

info
discussion
exploit
solution
references

Php Blue Dragon Multiple Input Validation Vulnerabilities

Attackers can use a browser to exploit these issues.

A proof-concept URI and sample exploit code are available:

http://www.example.com/public_includes/pub_blocks/activecontent.php?vsDragonRootPath=[evil_code?]

/data/vulnerabilities/exploits/25264SQL.php
/data/vulnerabilities/exploits/25264LFI.php
/data/vulnerabilities/exploits/25264RFI.pl