"Powered by Podcast Generator"

• SHDB
• 1025 阅读

• 日期：2020-03-31
• 类别：
  • Advisories and Vulnerabilities
• 作者：Alexandros Pappas
• 语法："Powered by Podcast Generator"

• # Google Dork: "Powered by Podcast Generator"

  # By using this dork, sites "Powered by Podcast Generator" can be found.
  The vulnerability exists due to failure in the "/core/episode.php" script
  to properly sanitize user-supplied input in "name" variable, it's possible
  to generate an error that will reveal the full path of the script. A remote
  user can determine the full path to the web root directory and other
  potentially sensitive information. This dork is linked to the following
  existing exploit: https://www.exploit-db.com/exploits/16109

  # Date: 31/03/2020

  # Author: Alexandros Pappas