PHP Doc System 1.5.1 - Local File Inclusion

EDB-ID:

26643


Author:

r0t

Type:

webapps


Platform:

PHP

Date:

2005-11-28


source: https://www.securityfocus.com/bid/15611/info

PHP Doc System is prone to a local file-include vulnerability. This is due to the application's failure to properly sanitize user-supplied input.

This may facilitate the unauthorized viewing of files and unauthorized execution of local PHP code.

PHP Doc System 1.5.1 and prior versions are reported vulnerable; other versions may also be affected. 

http://www.example.com/index.php?show=../File