E
El-Cewad
##HEADLINE
Joomla <= (Shape 5 MP3 Player 2.0) Local File Disclosure Exploit (0day)
##HEADLINE
zeroday 13 Aralık 2015 itibariyle
Joomla <= (Shape 5 MP3 Player 2.0) Local File Disclosure Exploit (0day)
##HEADLINE
zeroday 13 Aralık 2015 itibariyle
Code:
<?php
$path = base64_decode($_REQUEST[’fileurl’]);
$base = basename($path);
$path1 = str_replace(’ ’,’%20’,$path);
header(’Content-Description: File Transfer’);
header(’Content-Type:application/octet-stream’);
header(’Content-Transfer-Encoding: Binary’);
header("Content-disposition: attachment; filename=\\"".basename($path)."\\"");
header(’Content-Length: ’ . filesize($path));
header(’Cache-Control: must-revalidate, post-check=0, pre-check=0’);
header(’Pragma: public’);
readfile($path1);
exit;
?>
Last edited by a moderator: