Satel Lite - 'Satellite.php' Local File Inclusion
| EKU-ID: 34920 | CVE: CVE-2007-3332;OSVDB-35183 | OSVDB-ID: |
| Author: rUnViRuS | Published: 2007-11-26 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 34920 | CVE: CVE-2007-3332;OSVDB-35183 | OSVDB-ID: |
| Author: rUnViRuS | Published: 2007-11-26 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/23143/info Satel Lite is prone to a local file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue may allow an attacker to access sensitive information and to execute local script code in the context of the application; this may facilitate other attacks against the affected computer. http://www.example.com/nuke_path/Satellite.php?op=modload&name=../../../../../../etc/passwd&file=index