Full title: ClanSphere 2011.3 Local File Inclusion / Remote Code Execution Vulnerabilities 
Category: web applications
Platform: php
ClanSphere version 2011.3 suffers from a local file inclusion vulnerability in the cs_lang cookie parameter. This advisory has two exploits included and one of them uses /proc/self/environ to launch a connect-back shell.

# 0day.today @ http://0day.today/