#!/usr/bin/perl -w
###
# XM Easy Personal FTP Server 5.x allows remote attackers to cause a denial of service
# via a HELP or TYPE command with an overly long argument.
# Refer:
#
Greetings All,
I am trying to reproduce the issue, but PHP is reporting some error:
like fail to open lang/../../../../../../../../../../etc/passwd%00;
path=//lang.php.
Vulnerable code is:
include("lang/".$_SESSION['language']."/lang.php");
exploit is:
Hi Gavin, even with the manager privileges it is possible to exploit this issue.