Pluck 4.7 Local File Inclusion / Disclosure

2011-09-09T00:00:00
ID PACKETSTORM:104934
Type packetstorm
Reporter Bl4k3
Modified 2011-09-09T00:00:00

Description

                                        
                                            `# Exploit Title: Pluck 4.7 multiple vulnerabilities  
  
# Google Dork: Powered by pluck  
  
# Date: 05/08/2011  
  
# Author: Bl4k3  
  
# Software Link: http://www.pluck-cms.org/?file=download  
  
# Version: 4.7  
  
# Tested on: Debian  
  
# CVE : /  
  
1-File Inclusion:  
  
include(ALBUMS_DIR.'/'.$_GET['album'].'.php');  
  
Require:  
  
if (file_exists(ALBUMS_DIR.'/'.$_GET['album'].'.php')) {  
function albums_pages_site() {  
  
2-File Inclusion  
  
include (ALBUMS_DIR.'/'.$album['seoname'].'.php');  
foreach ($albums as $album) {  
$albums = albums_get_albums();  
  
3-File Disclosure  
  
echo readfile('../../settings/modules/albums/'.$image);  
$image = $_GET['image'];  
  
requires:  
  
if (file_exists('../../settings/modules/albums/'.$image)) {  
  
And a lot of low vulnerabilities!!  
  
  
Bl4k3 HardC0de   
  
`