Zee Cinema is Vulnerable to LFI(local file inclusion) + iframe Injection.

Local File Inclusion (LFI) is a type of vulnerability which is mostly found in websites. It allows hacker to include a local file, usually through a script on the web server. The vulnerability occurs due to the use of user-supplied input without proper validation.  LFI Vulnerability allows an attacker to add any local file to Website Server through script. LFI is very dangerous vulnerability which can lead to website Defacement, Command Execution and many more........

Here are some of the common parameters which are vulnerable to local file inclusion or remote file inclusion attacks

read.html?link=
index.php?homepage=index.php?
page=index.php?index2=

But recent days I was testing Zee Cinema for vulnerabilities and i found that it is vulnerable to local file inclusion.









Enjoy!!!!!!!!!!!!!

Comments

  1. Avinash SherDecember 23, 2013 at 7:26 AM

    good anshu bhaiya i tried the loic

    ReplyDelete
  2. AnonymousFebruary 9, 2014 at 4:44 AM

    A page can not interact with iframe content unless they belong to the same domain.. so their is no issue..

    ReplyDelete
  3. UnknownOctober 30, 2014 at 12:58 PM

    Go and get more new Natok, Movie, Video From

    Bangla Natok
    Hindi Natok
    Star Plus Natok
    Star Jalsha Natok
    Mirakkal 8
    Comedy Show
    Reality shows
    Funny video
    Mosharraf Karim Natok
    Dare 2 Dance
    New Movies
    Brazil vs Argentina (ব্রাজিল বনাম আর্জেন্টিনা) Ft Mosharraf Karim | Tv Shows
    www.freetvshows.in

    ReplyDelete

Post a Comment

Popular Posts