This exploit demonstrates a Local File Inclusion (LFI) vulnerability in AContent 1.3 by manipulating the 'url' parameter to access sensitive files like 'config.inc.php'. The attack is performed via a POST request to a specific endpoint.
Classification
Working Poc 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target:AContent 1.3
No auth needed
Prerequisites:Access to the target web application