This exploit demonstrates a Local File Include (LFI) vulnerability in Adem 0.5.1 due to improper input validation in the 'p' parameter of index.php. The null byte injection (%00) bypasses file extension checks, allowing arbitrary file inclusion.
Classification
Working Poc 90%
Attack Type
Lfi
Complexity
Trivial
Reliability
Reliable
Target:Adem 0.5.1
No auth needed
Prerequisites:Access to the vulnerable web application