9 lines
No EOL
508 B
Text
9 lines
No EOL
508 B
Text
source: http://www.securityfocus.com/bid/33458/info
|
|
|
|
OpenX is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input.
|
|
|
|
An attacker can exploit this vulnerability to view files and execute local scripts in the context of the webserver process. This may aid in further attacks.
|
|
|
|
OpenX 2.6.3 is affected; other versions may also be vulnerable.
|
|
|
|
http://www.example.com/www/delivery/fc.php?MAX_type= ../../../../../../../../../../../../../../../etc/passwd%00 |