LFI in nokia maps

blog.shashank.co · devanshbatham/Awesome-Bugbounty-Writeups · 4 hours ago · vulnerability
0 net
AI Summary

A Local File Inclusion (LFI) vulnerability was discovered in Nokia Maps that allowed reading arbitrary files from the server (e.g., /etc/passwd). The vulnerability was reported on January 2, 2013, and patched by Nokia on January 20, 2013.

Tags
local-file-inclusion lfi web-vulnerability file-disclosure bug-bounty maps-service
Entities
Nokia Maps Nokia Lumia 920 Shashank
Shashank's Security Blog: LFI in Nokia maps Home Home Need my service? Tuesday, 22 October 2013 LFI in Nokia maps Well, this is my first blog-post, and I am going to share a Local File inclusion bug which I spotted in Nokia maps. http://maps.nokia.com/services/file:///etc/passwd reported on 2nd JAN 2013 Nokia fixes it on 20th JAN 2013 And I received an awesome RED NOKIA LUMIA 920 :) Posted by Shashank at 17:37 Email This BlogThis! Share to X Share to Facebook Share to Pinterest No comments: Post a Comment Newer Post Home Subscribe to: Post Comments (Atom) Follow Me Follow @cyberboyIndia Blog Archive ► 2020 (3) ► November (1) ► August (1) ► July (1) ► 2019 (2) ► May (1) ► March (1) ► 2018 (3) ► March (1) ► February (1) ► January (1) ► 2017 (3) ► November (2) ► October (1) ► 2015 (2) ► October (1) ► March (1) ► 2014 (1) ► January (1) ▼ 2013 (7) ► December (4) ► November (1) ▼ October (2) Nokia email app pwnage LFI in Nokia maps Popular Posts Writing a silent cryptocurrency miner (Monero) in 6 lines of code Hidden Crypto currency mining has always been a game for blackhat hackers to make money out of it. After reading a lot of blog and news abo... From a 500 error to Django admin takeover This bug is about a private target I was hunting. I passed all the subdomains to FFUF , a great tool written in GoLang to brute force direct... CRLF injection in blockchain.info This bug was reported by me to "Blockchain.info" for their bug-bounty program. For those who don't know about blockchain.in... Oracle xss Every one knows about ORACLE. Oracle Corporation is an American multinational computer technology corporation headquartered in Redwood City... How Apollo Hospitals leaked 1 million customer details About Apollo Hospitals:- In 2015, Apollo Hospitals introduced its digital platform, Ask Apollo. The platform provides remote healthcare s... Heroku Directory Transversal Long back I spotted a Directory Traversal bug in Heroku. "Heroku is a cloud platform is a cloud application platform – a new way of ... Stealing bitcoin wallet backups from blockchain.info Oauth, where many bugs arise :) This was one of my finding for the bug-bounty program of blockchain.info, where I was able to steal anyo... Taking Over Publicly Editable Github Wiki in Masses Let's get familiar with a few things first! What is Github? GitHub is a web-based hosting service for version control using Git. Git... LFI in Nokia maps Well, this is my first blog-post, and I am going to share a Local File inclusion bug which I spotted in Nokia maps. http://maps.nokia.com... Escalating a GitHub leak to takeover entire organization I was hunting on a private program. One of the common things I do is look for leaked credentials on Github. I give special attention to dele...
← Back to stories