The Includer Remote Command Execution Flaw Network Vulnerability

Summary

The remote web server contains a PHP script that is affected by a remote code execution vulnerability. Description: The remote host is running The Includer, a PHP script for emulating server-side includes. The version of The Includer installed on the remote host allows an attacker to execute arbitrary shell commands by including shell meta-characters as part of the URL.

Solution

Unknown at this time.

References

http://marc.theaimsgroup.com/?l=bugtraq&m=111021730710779&w=2

Updated on 2015-03-25

Severity

Classification

CVE CVE-2005-0689

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Avenger's News System Command Execution
AdMentor Login Flaw
Apache Struts ClassLoader Manipulation Vulnerabilities
AjaxPortal 'di.php' File Inclusion Vulnerability
Apache Archiva Multiple Remote Command Execution Vulnerabilities

The Includer remote command execution flaw

Take action and discover your vulnerabilities