7 lines
No EOL
446 B
Text
Executable file
7 lines
No EOL
446 B
Text
Executable file
source: http://www.securityfocus.com/bid/30781/info
|
|
|
|
FAR-PHP is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input.
|
|
|
|
An attacker can exploit this vulnerability using directory-traversal strings to view local files within the context of the webserver process. Information harvested may aid in further attacks.
|
|
|
|
http://www.example.com/farver/index.php?c=/../../../../../../../../boot.ini%00 |