wechat-broadcast Wechat Broadcast <= 1.2.0 – Local/Remote File Inclusion
This bug was found in the file:


echo file_get_contents(isset($_GET["url"]) ? $_GET["url"] : '');

The parameter "url" it is not sanitized allowing include local or remote

To exploit the vulnerability only is needed use the version 1.0 of the HTTP
protocol to interact with the application.

SEO News and More

SEO News and More

Share This