EXPLOITDB-EDB-6788

EXPLOITDB text VERIFIED WRITEUP

Exploit for CVE-2008-4626 - Zirkon BOX Yappa-ng - Path Traversal

AI Analysis

This is a writeup describing a Local File Include (LFI) vulnerability in yappa-ng Version 2.3.2. The exploit leverages a null byte injection to include arbitrary local files via the 'album' parameter.

Attack Type

info_leak

Complexity

trivial

Reliability

reliable

MITRE ATT&CK

T1190 - Exploit Public-Facing Application

Loading exploit code...

Download ZIP Password: eip

Source

Platform Exploitdb

Type webapps

Platform php

Language text

Files 1

https://www.exploit-db.com/exploits/6788

Authors

Vrs-hCk

Vulnerability

CVE-2008-4626

Zirkon BOX Yappa-ng - Path Traversal