Wordpress Funny4You plugin 1.0 Local File Include Vulnerability

2013-02-10T00:00:00
ID 1337DAY-ID-20332
Type zdt
Reporter bd0rk
Modified 2013-02-10T00:00:00

Description

I found vulnerable Code in /funny4you/funny4you.php line 33. The Parameter $server isn't declared before include. So an attacker can execute some local code about it.

This is private exploit. You can buy it at https://0day.today