This exploit leverages a file disclosure vulnerability in phpMUR by manipulating the 'header' parameter in the getid3.php script to read arbitrary files from the server. The vulnerability is triggered via a simple HTTP request, making it trivial to exploit.
Classification
Working Poc 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target:phpMUR (version not specified)
No auth needed
Prerequisites:PHP version > 4.x.x · Access to the getid3.php script