Hi I tried this LFI. it does not display the /etc/password file. So ver 2.4.1. seems protected. looks like it is a false alarm.

[ reply ]