RETIRED: Esvon Classifieds Remote Command Execution and Remote File Include Vulnerabilities

Attackers can exploit these issues via a browser.

The following example URIs are available:

http://www.example.com/inc/pdo.inc.php?sql= [inj3ct0r command]

http://www.example.com/inc/class.phpmailer.php?lang_path=[inj3ct0r RFI]
http://www.example.com/inc/class.phpmailer.php?lang_type=[inj3ct0r RFI]


 

Privacy Statement
Copyright 2010, SecurityFocus