PHProg 1.0 - 'index.php?lang' Traversal Arbitrary File Access

Author: cdg393
type: webapps
platform: php
port: 
date_added: 2006-09-11 
date_updated: 2013-09-25 
verified: 1 
codes: CVE-2006-4753;OSVDB-28822 
tags: 
aliases:  
screenshot_url:  
application_url: 

source: https://www.securityfocus.com/bid/19957/info

PHProg is prone to multiple vulnerabilities. The issues result from insufficient sanitization of user-supplied data and may allow an attacker to carry out cross-site scripting and local file-include attacks.

Version 1.0 of PHProg is reported vulnerable; other versions may be affected as well.

NOTE: This BID is being retired because it is a duplicate of BID 19942.

http://www.example.com/PHProg/index.php?lang=../../../../../../BOOT.INI%00