aWebNews <= 1.0 (login.php) Remote DocumentRoot file disclosure

/ Federico Fazzi, [email protected] / aWebNews = 1.0 login.php Remote DocumentRoot file disclosure / 04/06/2006 5:48 login.php: line 64-68, Bug: -- start -- if $GET'page' == "" $pagetogo = "index.php"; else $pagetogo = $GET'page'; -- end -- Proof of concept: Open the browser and go at:...