GAMERFUN EXPLORER GF-3XPLORER Local File Include and Cross-Site Scripting Vulnerabilities

Attackers can exploit these issues via a browser. To exploit a cross-site scripting vulnerability, the attacker must entice an unsuspecting user to view a maliciously crafted URI.

The following proof-of-concept URIs are available:

For the local file-include issues:[LFI]%00[LFI]%00

For the cross-site scripting issue:">[XSS]


Privacy Statement
Copyright 2010, SecurityFocus