Local file inclusion vulnerability
Opened this issue · 0 comments
themcaffee commented
In csr.php
on line 9:
include $_GET['p'].'.php';
there is a local file inclusion vulnerability. p
is not sanitized and by using a null byte character can be used to include any file on the server. More information