SolarPay - 'index.php' Local File Inclusion
| EKU-ID: 34808 | CVE: CVE-2006-7099;OSVDB-34693 | OSVDB-ID: |
| Author: Hasadya Raed | Published: 2007-02-26 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 34808 | CVE: CVE-2006-7099;OSVDB-34693 | OSVDB-ID: |
| Author: Hasadya Raed | Published: 2007-02-26 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/22722/info SolarPay is prone to a local file-include vulnerability because the utility fails to properly sanitize user-supplied input. Successfully exploiting this issue allows attackers to gain access to files located in directories they do not have permissions to access. Information that attackers harvest may aid them in further attacks. http://www.example.com/index.php?read=../admin/a_searchu.php