Product : SimpleChat! Version : 1.3 WebSite : http://hot-things.net Problem : Private info viewing Description: ------------ In a directory /data/ the file containing the information on users of a chat lays (taking place in a chat at present), to which any interested person can receive access. The file looks approximately so: 1048102503: |:127.0.0.1: |:subj: |:w1 1048102799: |:127.0.0.1: |:clark: |:w2 In the given situation we receive IP the user. Exploit: -------- http://[somehost]/chat/data/usr Link: ----- www.dwcgr0up.com Fixs: ----- U can finf all our fix on our homepage [www.dwcgroup.com] Thanks: ------- GipsHack : DHGroup : EXploit.ru : p0is0n : de1irium Contact: -------- r2subj3ct@dwclan.org irc.dwcgr0up.biz @ #dwc
