"Powered by ocPortal" -demo -ocportal.com

• SHDB
• 1927 阅读

• 日期：2004-10-26
• 类别：
  • Advisories and Vulnerabilities
• 作者：anonymous
• 语法："Powered by ocPortal" -demo -ocportal.com

• Reportedly ocPortal is affected by a remote file include vulnerability. This issue is due to a failure of the application to sanitize user supplied URI input.An attacker might leverage this issue to run arbitrary server side script code on a vulnerable computer with the privileges of the web server process. This may potentially result in a compromise of the vulnerable computer as well as other attacks.http://www.securityfocus.com/bid/11368