facebook facebook twitter rss

Geeklog 2.1.0b1 Multi Vulnerability

Author: indoushka , Published: 25-10-2014
Geeklog 2.1.0b1 Multi Vulnerability
Author : indoushka
Vondor : http://www.geeklog.net/
Dork : Powered by Geeklog

Security vulnerability in MySQL/MariaDB sql/password.c :

Database Disclosure :

Sql inj : (inject her)

login :

Fck&Ck/Editors :

File inclusion :


Attack details :

URL encoded GET input image was set to 1some_inexistent_file_with_long_name%00.png

Error message found:

<b>Warning</b>: file_get_contents(images/1some_inexistent_file_with_long_name%00.png) [<a href='function.file-get-contents'>function.file-get-contents</a>]:
failed to open stream: No such file or directory in <b>C:\AppServ\www\enquete\public_html\filemanager\connectors\php\inc\vendor\wideimage\lib\WideImage.php</b> on line <b>195</b>

Like us on Facebook :