jkloske@xxxxxxxxxxxxxx schrieb: > Let me preface this by saying I'm not a security expert, however considering that the above line is immediately preceeded by: > > if (!isset($_REQUEST['action']) || !isset($actionArray[$_REQUEST['action']])) > > ...with a default action defined by either the theme or the the SMF software itself (causing the LFI statement to never be reached), and that $actionArray is statically defined beforehand; is this really an LFI vulnerability, or just something that looks like the LFI pattern on the surface? > It's NOT a security Vulnerability, false report, and @sirn0n, please stop spamming, thx :) Cornelius Riemenschneider -- My source of power: www.humppa.com
