PHProg 1.0 index.php lang Parameter Traversal Arbitrary File Access

2014-07-01T00:00:00
ID SSV:82072
Type seebug
Reporter Root
Modified 2014-07-01T00:00:00

Description

No description provided by source.

                                        
                                            
                                                source: http://www.securityfocus.com/bid/19957/info
 
PHProg is prone to multiple vulnerabilities. The issues result from insufficient sanitization of user-supplied data and may allow an attacker to carry out cross-site scripting and local file-include attacks. 
 
Version 1.0 of PHProg is reported vulnerable; other versions may be affected as well.
 
NOTE: This BID is being retired because it is a duplicate of BID 19942.

http://www.example.com/PHProg/index.php?lang=../../../../../../BOOT.INI%00