记录黑客技术中优秀的内容, 传播黑客文化,分享黑客技术精华

WEB应用漏洞: - LittleSite 0.1 'file' Parameter Local File Include Vulnerability

2014-09-23 18:50
source: http://www.securityfocus.com/bid/43495/info

LittleSite is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input.

An attacker can exploit this vulnerability to obtain potentially sensitive information and to execute arbitrary local scripts in the context of the webserver process. This may allow the attacker to compromise the application and the computer; other attacks are also possible.

LittleSite 0.1 is vulnerable; other versions may also be affected.

http://www.example.com/littlesite/index.php?file=../../../../etc/passwd



知识来源: www.exploit-db.com/exploits/34747

阅读:80725 | 评论:0 | 标签:webapps

想收藏或者和大家分享这篇好文章→复制链接地址

“WEB应用漏洞: - LittleSite 0.1 'file' Parameter Local File Include Vulnerability”共有0条留言

发表评论

姓名:

邮箱:

网址:

验证码:

公告

关注公众号hackdig,学习最新黑客技术

推广

工具

标签云

本页关键词