News

Disclosure

Contributors

Kacper - kacper1964

Provided by

User Status

Exploit

Discovery

Sign-Up

OSVDB

30146

Technical

Browse

Technorati

the "AD_BODY_TEMP" variable. This may allow an attacker to register.php not properly sanitizing user input supplied to include a Free File Hosting contains a flaw by execute arbitrary commands. The issue is due to vulnerable script. a remote attacker to the remote host that may allow a file from that contains arbitrary commands which will be executed

Attack Type

Solution © Copyright 2008 Open Source Vulnerability Database (OSVDB), All Rights Reserved.
Search OSVDB Integrity
22594 : Input Manipulation
30145 : Free File Hosting register.php AD_BODY_TEMP Variable Remote File Inclusion
Account : Web Related of : Loss

Blogs

"on". This has not been the This vulnerability is only present when to default setting for PHP installs since version 4.2.0 (22-Apr-2002). the register_globals PHP option is set

Products

30145: Free File Hosting register.php AD_BODY_TEMP Variable Remote File Inclusion

30144

NVD

Privacy Statement

Info

(see also:

Exploit Comments Quick Searches 1.1 FPS
Advanced Search 2006-5763
Percent Complete Credit Solution
Compatibility http://www.golrleaf.com/P/Free_File_Hosting
Other Advisory URL: http://www.golrleaf.com/exploity/Exploits/111.txt

Printer

Join the Effort http://www.golrleaf.com/30145

Login

Loading... Views All Time

Edit Vulnerability

Location

Email This Related OSVDB ID:

Database Info

10 months ago

Project Info

CVE ID:
- Vendors
Sponsors

Classification

Mailing Lists

at the user"s risk. In no event shall of use or this information. the copyright holder is spread of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or in connection with the The database information may change without any notice. Use or otherwise, with regard to this information or its use. Any use of or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of this information

Currently, there are no known upgrades, patches,
Hide Add Comment | Terms
OSVDB API