EIP-2026-111015

This is a writeup describing a local file inclusion (LFI) vulnerability in phpCOIN 1.2.1. The vulnerability allows an attacker to include arbitrary local files, such as /proc/self/environ, by manipulating the 'mod' parameter in the URL.