Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com

CVE-2010-0983

Description

PHP remote file inclusion vulnerability in include/mail.inc.php in Rezervi 3.0.2 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the root parameter, a different vector than CVE-2007-2156.

POC

Reference

- http://packetstormsecurity.org/1001-exploits/rezervi-rfi.txt

- http://www.exploit-db.com/exploits/10967

Github

No PoCs found on GitHub currently.