- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 22603
- Проверка EDB
-
- Пройдено
- Автор
- MIND WARPER
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- N/A
- Дата публикации
- 2003-05-14
Код:
source: https://www.securityfocus.com/bid/7598/info
A vulnerability has been reported for PHP-Proxima. The problem occurs in the autohtml.php script. Specifically, the script fails to verify the contents of a user-supplied variable before including a specified file into an HTML file. As a result, a malicious remote user may be capable of using this as a channel to disclose the contents of arbitrary local system files.
It should be noted that all local files would be accessed with the privileges of user invoking PHP-Proxima.
http://www.target.org/autohtml.php?op=modload&mainfile=x&name=filename- Источник
- www.exploit-db.com
