TNT Forum 'index.php' Local File Include Vulnerability

info
discussion
exploit
solution
references

TNT Forum 'index.php' Local File Include Vulnerability

TNT Forum is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input.

Exploiting this issue allows remote attackers to view local files within the context of the webserver process.

TNT Forum 0.9.4 is vulnerable; other versions may also be affected.