- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 26668
- Проверка EDB
-
- Пройдено
- Автор
- R0T3D3VIL
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2005-3948
- Дата публикации
- 2005-11-30
Код:
source: https://www.securityfocus.com/bid/15651/info
phpAlbum is prone to a local file-include vulnerability.
An attacker may leverage this issue to execute arbitrary server-side script code that resides on an affected computer with the privileges of the webserver process.
Note that this issue may also be leveraged to read arbitrary files on an affected computer with the privileges of the webserver.
phpAlbum 0.2.3 and prior versions are vulnerable.
http://www.example.com/main.php?cmd=../
http://www.example.com/main.php?cmd=album&var1=../- Источник
- www.exploit-db.com
