1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Researcher says Adult Friend Finder vulnerable to file inclusion vulnerabilities

Discussion in 'CSO' started by RSS, Oct 19, 2016.

  1. RSS

    RSS New Member Member

    A researcher known for exposing application flaws posted screenshots showing Local File Inclusion vulnerabilities on Adult Friend Finder. The incident marks the second time in just over a year that the internet hook-up destination has had security problems.

    On Tuesday, a researcher who goes by 1x0123 on Twitter, and Revolver in other circles, posted screenshots taken on Adult Friend Finder.

    The images show a Local File Inclusion vulnerability (LFI) being triggered. When asked directly,1x0123 confirmed LFI as the vulnerability being exploited, and said it was discovered in a module on the production servers used by Adult Friend Finder.

    LFI vulnerabilities allow an attacker to include files located elsewhere on the server into the output of a given application.

    To read this article in full or to leave a comment, please click here

    Continue reading...
     

Share This Page