Exploit
Status: Alpha
Brought to you by:
stecy
Menu
▾
▴
#7 Exploit
open
nobody
None
5
2008-06-12
2008-06-12
Anonymous
No
Found on SecurityReason, credits to them:
=========================================================
PHPInv 0.8.0 (LFI/XSS) Multiple Remote Vulnerabilities
=========================================================
,--^----------,--------,-----,-------^--,
| ||||||||| `--------' | O .. CWH Underground Hacking
Team ..
`+---------------------------^----------|
`\_,-------, _________________________|
/ XXXXXX /`| /
/ XXXXXX / `\ /
/ XXXXXX /\______(
/ XXXXXX /
/ XXXXXX /
(________(
`------'
AUTHOR : CWH Underground
DATE : 8 June 2008
SITE : www.citec.us
#####################################################
APPLICATION : PHPInv
VERSION : 0.8.0
DOWNLOAD : http://sourceforge.net/projects/phpinv
#####################################################
---LFI---
##############################################
Vulnerable: entry.php (?action=)
43: if (isset($action) & !isset($noconfirm)) {
44: include("inc/entry_$action.php");
45: }
###############################################
