MeiuPic 'ctl'参数本地文件包含漏洞

Bugtraq ID:66317 MeiuPic是一款简易相册应用。 MeiuPic不正确过滤用户提交给'ctl'参数的数据，允许远程攻击者利用漏洞提交特制的请求，以WEB权限查看系统文件内容。 0 MeiuPic 2.1.2 目前没有详细解决方案提供： http://meiupic.meiu.cn http://www.example.com/MeiuPic/?ctl=../../../../../../../../../../etc/passwd...

MeiuPic 2.1.2 Local File Inclusion

Exploit Title: MeiuPic 2.1.2 Local File Inclusion Date: 2014 18 March Author: Dr.3v1l Vendor Homepage: http://meiupic.meiu.cn Version : 2.1.2 Tested on: Windows Category: webapps Google Dork: intext:"Powerd by MeiuPic 2.1.2" + Exploit : http:///MeiuPic/ Local File Inclusion , you can read...

MeiuPic 2.1.2 - ctl Local File Inclusion

MeiuPic 2.1.2 - ctl Local File Inclusion source: https://www.securityfocus.com/bid/66317/info MeiuPic is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information an...

MeiuPic 2.1.2 - 'ctl' Local File Inclusion

source: https://www.securityfocus.com/bid/66317/info MeiuPic is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information and execute arbitrary local scripts. This...