intitle:admbook intitle:version filetype:php

  • 日期:2006-02-28
  • 类别:
  • 作者:anonymous
  • 语法:intitle:admbook intitle:version filetype:php
  • intitle:admbook intitle:version filetype:php tested version: 1.2.2, you can inject php code in config-data.php and execute commands on target through X-FOWARDED FOR http header when you post a message also you can see phpinfo(): http://[target]/[path]/admin/info.phpperl exploit:http://retrogod.altervista.org/admbook_122_xpl.html