"Powered by Podcast Generator"

  • 日期:2020-03-31
  • 类别:
  • 作者:Alexandros Pappas
  • 语法:"Powered by Podcast Generator"
  • # Google Dork: "Powered by Podcast Generator"

    # By using this dork, sites "Powered by Podcast Generator" can be found.
    The vulnerability exists due to failure in the "/core/episode.php" script
    to properly sanitize user-supplied input in "name" variable, it's possible
    to generate an error that will reveal the full path of the script. A remote
    user can determine the full path to the web root directory and other
    potentially sensitive information. This dork is linked to the following
    existing exploit: https://www.exploit-db.com/exploits/16109

    # Date: 31/03/2020

    # Author: Alexandros Pappas