ECHO_ADV_49$2006 ----------------------------------------------------------------------------------------------- [ECHO_ADV_49$2006]OpenDock Easy Doc <=1.4 (doc_directory) Multiple Remote File Inclusion Vulnerability ----------------------------------------------------------------------------------------------- Author : Dedi Dwianto a.k.a the_day Date Found : October, 09th 2006 Location : Indonesia, Jakarta web : http://advisories.echo.or.id/adv/adv49-theday-2006.txt Critical Lvl : Highly critical Impact : System access Where : From Remote --------------------------------------------------------------------------- Affected software description: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Application : OpenDock Easy Doc version : <=1.4 URL : http://web.opendock.net --------------------------------------------------------------------------- Vulnerability: ~~~~~~~~~~~~~~ In folder sw/lib_up_file/ I found vulnerability script file.php --------------------------file.php--------------------------------------- ....