[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] PHP file vulnerable on SMF 1.1.10

In Simple Machine Forum application version 1.1.10,
everybody can see some PHP files as like as index.php by any browsers
just added "~" symbol to end of filename.
examples:
http://vulnsite.com/path_of_SMF/index.php~
http://vulnsite.com/path_of_SMF/ssi_examples.php~
http://vulnsite.com/path_of_SMF/SSI.php~


-- 
I will never let you go ...

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/